Class Vulnerability
A vulnerability is a weakness or error in an artifact. A vulnerability is a generalization of a CVE (every CVE is a vulnerability, but not every vulnerability has a CVE).
Inherited Members
Namespace: Oci.AdmService.Models
Assembly: OCI.DotNetSDK.Adm.dll
Syntax
public class Vulnerability
Properties
CvssV2Score
Declaration
[JsonProperty(PropertyName = "cvssV2Score")]
public float? CvssV2Score { get; set; }
Property Value
Type | Description |
---|---|
float? | Common Vulnerability Scoring System (CVSS) Version 2. |
CvssV3Score
Declaration
[JsonProperty(PropertyName = "cvssV3Score")]
public float? CvssV3Score { get; set; }
Property Value
Type | Description |
---|---|
float? | Common Vulnerability Scoring System (CVSS) Version 3. |
Id
Declaration
[Required(ErrorMessage = "Id is required.")]
[JsonProperty(PropertyName = "id")]
public string Id { get; set; }
Property Value
Type | Description |
---|---|
string | Unique vulnerability identifier, e.g. CVE-1999-0067. |
Remarks
Required
IsFalsePositive
Declaration
[JsonProperty(PropertyName = "isFalsePositive")]
public bool? IsFalsePositive { get; set; }
Property Value
Type | Description |
---|---|
bool? | Indicates if the vulnerability is a false positive according to the usage data. If no usage data was provided or the service cannot infer usage of the vulnerable code then this property is |
IsIgnored
Declaration
[Required(ErrorMessage = "IsIgnored is required.")]
[JsonProperty(PropertyName = "isIgnored")]
public bool? IsIgnored { get; set; }
Property Value
Type | Description |
---|---|
bool? | Indicates if the vulnerability was ignored according to the audit configuration. |
Remarks
Required
Severity
Declaration
[JsonProperty(PropertyName = "severity")]
[JsonConverter(typeof(ResponseEnumConverter))]
public VulnerabilitySeverity? Severity { get; set; }
Property Value
Type | Description |
---|---|
VulnerabilitySeverity? | ADM qualitative severity score. Can be either NONE, LOW, MEDIUM, HIGH or CRITICAL. |
Source
Declaration
[JsonProperty(PropertyName = "source")]
public string Source { get; set; }
Property Value
Type | Description |
---|---|
string | Source that published the vulnerability |