Class Finding (1.15.0)

Finding(mapping=None, *, ignore_unknown_fields=False, **kwargs)

A Finding resource represents a vulnerability instance identified during a ScanRun.

Attributes

Name Description
name str
The resource name of the Finding. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'. The finding IDs are generated by the system.
finding_type str
The type of the Finding. Detailed and up-to-date information on findings can be found here: https://cloud.google.com/security-scanner/docs/scan-result-details
http_method str
The http method of the request that triggered the vulnerability, in uppercase.
fuzzed_url str
The URL produced by the server-side fuzzer and used in the request that triggered the vulnerability.
body str
The body of the request that triggered the vulnerability.
description str
The description of the vulnerability.
reproduction_url str
The URL containing human-readable payload that user can leverage to reproduce the vulnerability.
frame_url str
If the vulnerability was originated from nested IFrame, the immediate parent IFrame is reported.
final_url str
The URL where the browser lands when the vulnerability is detected.
tracking_id str
The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns.
form google.cloud.websecurityscanner_v1beta.types.Form
An addon containing information reported for a vulnerability with an HTML form, if any.
outdated_library google.cloud.websecurityscanner_v1beta.types.OutdatedLibrary
An addon containing information about outdated libraries.
violating_resource google.cloud.websecurityscanner_v1beta.types.ViolatingResource
An addon containing detailed information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc.
vulnerable_headers google.cloud.websecurityscanner_v1beta.types.VulnerableHeaders
An addon containing information about vulnerable or missing HTTP headers.
vulnerable_parameters google.cloud.websecurityscanner_v1beta.types.VulnerableParameters
An addon containing information about request parameters which were found to be vulnerable.
xss google.cloud.websecurityscanner_v1beta.types.Xss
An addon containing information reported for an XSS, if any.