Package com.oracle.bmc.adm.model

Class Vulnerability

  • @Generated(value="OracleSDKGenerator",
           comments="API Version: 20220421")
public final class Vulnerability
extends com.oracle.bmc.http.client.internal.ExplicitlySetBmcModel
    A vulnerability is a weakness or error in an artifact.

    A vulnerability is a generalization of a CVE (every CVE is a vulnerability, but not every vulnerability has a CVE).
    Note: Objects should always be created or deserialized using the Vulnerability.Builder. This model distinguishes fields that are null because they are unset from fields that are explicitly set to null. This is done in the setter methods of the Vulnerability.Builder, which maintain a set of all explicitly set fields called Vulnerability.Builder.__explicitlySet__. The hashCode() and equals(Object) methods are implemented to take the explicitly set fields into account. The constructor, on the other hand, does not take the explicitly set fields into account (since the constructor cannot distinguish explicit null from unset null).

    • Method Detail

      • getId

        public String getId()
        Unique vulnerability identifier, e.g.

        CVE-1999-0067.

        Returns:
        the value

      • getSource

        public String getSource()
        Source that published the vulnerability
        Returns:
        the value

      • getCvssV2Score

        public Float getCvssV2Score()
        Common Vulnerability Scoring System (CVSS) Version 2, calculated from the metrics provided in the CVSS vector provided from the vulnerability source.

        This field is deprecated and will be removed in the future. The cvssV2Score can be obtained from the metrics field of the listVulnerabilities endpoint.

        Returns:
        the value

      • getCvssV3Score

        public Float getCvssV3Score()
        Common Vulnerability Scoring System (CVSS) Version 3, calculated from the metrics provided in the CVSS vector provided from the vulnerability source.

        This field is deprecated and will be removed in the future. The cvssV3Score can be obtained from the metrics field of the listVulnerabilities endpoint.

        Returns:
        the value

      • getSeverity

        public VulnerabilitySeverity getSeverity()
        ADM qualitative severity score.

        Can be either NONE, LOW, MEDIUM, HIGH or CRITICAL.

        Returns:
        the value

      • getIsIgnored

        public Boolean getIsIgnored()
        Indicates if the vulnerability was ignored according to the audit configuration.
        Returns:
        the value

      • getIsFalsePositive

        public Boolean getIsFalsePositive()
        Indicates if the vulnerability is a false positive according to the usage data.

        If no usage data was provided or the service cannot infer usage of the vulnerable code then this property is null.

        Returns:
        the value

      • toString

        public String toString()
        Overrides:
        toString in class com.oracle.bmc.http.client.internal.ExplicitlySetBmcModel

      • toString

        public String toString​(boolean includeByteArrayContents)
        Return a string representation of the object.
        Parameters:
        includeByteArrayContents - true to include the full contents of byte arrays
        Returns:
        string representation

      • equals

        public boolean equals​(Object o)
        Overrides:
        equals in class com.oracle.bmc.http.client.internal.ExplicitlySetBmcModel

      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class com.oracle.bmc.http.client.internal.ExplicitlySetBmcModel