REST Resource: projects.scanConfigs.scanRuns.findings

Resource: Finding

A Finding resource represents a vulnerability instance identified during a ScanRun.

JSON representation
{
  "name": string,
  "findingType": enum(FindingType),
  "httpMethod": string,
  "fuzzedUrl": string,
  "body": string,
  "description": string,
  "reproductionUrl": string,
  "frameUrl": string,
  "finalUrl": string,
  "trackingId": string,
  "outdatedLibrary": {
    object(OutdatedLibrary)
  },
  "violatingResource": {
    object(ViolatingResource)
  },
  "vulnerableParameters": {
    object(VulnerableParameters)
  },
  "xss": {
    object(Xss)
  }
}
Fields
name

string

Output only. The resource name of the Finding. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'. The finding IDs are generated by the system.

findingType

enum(FindingType)

Output only. The type of the Finding.

httpMethod

string

Output only. The http method of the request that triggered the vulnerability, in uppercase.

fuzzedUrl

string

Output only. The URL produced by the server-side fuzzer and used in the request that triggered the vulnerability.

body

string

Output only. The body of the request that triggered the vulnerability.

description

string

Output only. The description of the vulnerability.

reproductionUrl

string

Output only. The URL containing human-readable payload that user can leverage to reproduce the vulnerability.

frameUrl

string

Output only. If the vulnerability was originated from nested IFrame, the immediate parent IFrame is reported.

finalUrl

string

Output only. The URL where the browser lands when the vulnerability is detected.

trackingId

string

Output only. The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns.

outdatedLibrary

object(OutdatedLibrary)

Output only. An addon containing information about outdated libraries.

violatingResource

object(ViolatingResource)

Output only. An addon containing detailed information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc.

vulnerableParameters

object(VulnerableParameters)

Output only. An addon containing information about request parameters which were found to be vulnerable.

xss

object(Xss)

Output only. An addon containing information reported for an XSS, if any.

FindingType

Types of Findings.

Enums
FINDING_TYPE_UNSPECIFIED The invalid finding type.
MIXED_CONTENT A page that was served over HTTPS also resources over HTTP. A man-in-the-middle attacker could tamper with the HTTP resource and gain full access to the website that loads the resource or to monitor the actions taken by the user.
OUTDATED_LIBRARY The version of an included library is known to contain a security issue. The scanner checks the version of library in use against a known list of vulnerable libraries. False positives are possible if the version detection fails or if the library has been manually patched.
ROSETTA_FLASH This type of vulnerability occurs when the value of a request parameter is reflected at the beginning of the response, for example, in requests using JSONP. Under certain circumstances, an attacker may be able to supply an alphanumeric-only Flash file in the vulnerable parameter causing the browser to execute the Flash file as if it originated on the vulnerable server.
XSS_CALLBACK A cross-site scripting (XSS) bug is found via JavaScript callback. For detailed explanations on XSS, see https://www.google.com/about/appsecurity/learning/xss/.
XSS_ERROR A potential cross-site scripting (XSS) bug due to JavaScript breakage. In some circumstances, the application under test might modify the test string before it is parsed by the browser. When the browser attempts to runs this modified test string, it will likely break and throw a JavaScript execution error, thus an injection issue is occurring. However, it may not be exploitable. Manual verification is needed to see if the test string modifications can be evaded and confirm that the issue is in fact an XSS vulnerability. For detailed explanations on XSS, see https://www.google.com/about/appsecurity/learning/xss/.
CLEAR_TEXT_PASSWORD An application appears to be transmitting a password field in clear text. An attacker can eavesdrop network traffic and sniff the password field.

OutdatedLibrary

Information reported for an outdated library.

JSON representation
{
  "libraryName": string,
  "version": string,
  "learnMoreUrls": [
    string
  ]
}
Fields
libraryName

string

The name of the outdated library.

version

string

The version number.

learnMoreUrls[]

string

URLs to learn more information about the vulnerabilities in the library.

ViolatingResource

Information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc.

JSON representation
{
  "contentType": string,
  "resourceUrl": string
}
Fields
contentType

string

The MIME type of this resource.

resourceUrl

string

URL of this violating resource.

VulnerableParameters

Information about vulnerable request parameters.

JSON representation
{
  "parameterNames": [
    string
  ]
}
Fields
parameterNames[]

string

The vulnerable parameter names.

Xss

Information reported for an XSS.

JSON representation
{
  "stackTraces": [
    string
  ],
  "errorMessage": string
}
Fields
stackTraces[]

string

Stack traces leading to the point where the XSS occurred.

errorMessage

string

An error message generated by a javascript breakage.

Methods

get

Gets a Finding.

list

List Findings under a given ScanRun.
Was this page helpful? Let us know how we did:

Send feedback about...

Cloud Security Scanner