Class Finding

A Finding resource represents a vulnerability instance identified during a ScanRun.

Attributes
NameDescription
strname
Output only. The resource name of the Finding. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'. The finding IDs are generated by the system.
strfinding_type
Output only. The type of the Finding. Detailed and up-to-date information on findings can be found here: https://cloud.google.com/security-command- center/docs/how-to-remediate-web-security- scanner-findings
google.cloud.websecurityscanner_v1.types.Finding.Severityseverity
Output only. The severity level of the reported vulnerability.
strhttp_method
Output only. The http method of the request that triggered the vulnerability, in uppercase.
strfuzzed_url
Output only. The URL produced by the server- ide fuzzer and used in the request that triggered the vulnerability.
strbody
Output only. The body of the request that triggered the vulnerability.
strdescription
Output only. The description of the vulnerability.
strreproduction_url
Output only. The URL containing human- eadable payload that user can leverage to reproduce the vulnerability.
strframe_url
Output only. If the vulnerability was originated from nested IFrame, the immediate parent IFrame is reported.
strfinal_url
Output only. The URL where the browser lands when the vulnerability is detected.
strtracking_id
Output only. The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns.
google.cloud.websecurityscanner_v1.types.Formform
Output only. An addon containing information reported for a vulnerability with an HTML form, if any.
google.cloud.websecurityscanner_v1.types.OutdatedLibraryoutdated_library
Output only. An addon containing information about outdated libraries.
google.cloud.websecurityscanner_v1.types.ViolatingResourceviolating_resource
Output only. An addon containing detailed information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc.
google.cloud.websecurityscanner_v1.types.VulnerableHeadersvulnerable_headers
Output only. An addon containing information about vulnerable or missing HTTP headers.
google.cloud.websecurityscanner_v1.types.VulnerableParametersvulnerable_parameters
Output only. An addon containing information about request parameters which were found to be vulnerable.
google.cloud.websecurityscanner_v1.types.Xssxss
Output only. An addon containing information reported for an XSS, if any.

Inheritance

builtins.object > proto.message.Message > Finding

Classes

Severity

Severity(value)

The severity level of a vulnerability.