VulnerabilityAudit¶

class oci.adm.models.VulnerabilityAudit(**kwargs)¶

Bases: object

A vulnerability audit associates the application dependencies of a project with their associated Vulnerabilities. Each Vulnerability is associated with a score (Common Vulnerability Scoring System V2 or V3). A vulnerable application dependency can be ignored based on the configuration of the vulnerability audit. maxObservedCvssV2Score, maxObservedCvssV3Score and vulnerableArtifactsCount do not take into account non-vulnerable application dependency.

Attributes

`BUILD_TYPE_MAVEN`	A constant which can be used with the build_type property of a VulnerabilityAudit.
`BUILD_TYPE_UNSET`	A constant which can be used with the build_type property of a VulnerabilityAudit.
`LIFECYCLE_DETAILS_USAGE_DATA_COMPRESSED_SIZE_LIMIT_EXCEEDED`	A constant which can be used with the lifecycle_details property of a VulnerabilityAudit.
`LIFECYCLE_DETAILS_USAGE_DATA_NOT_FOUND_OR_NOT_AUTHORIZED`	A constant which can be used with the lifecycle_details property of a VulnerabilityAudit.
`LIFECYCLE_DETAILS_USAGE_DATA_PARSE_FAILED`	A constant which can be used with the lifecycle_details property of a VulnerabilityAudit.
`LIFECYCLE_DETAILS_USAGE_DATA_UNCOMPRESSED_SIZE_LIMIT_EXCEEDED`	A constant which can be used with the lifecycle_details property of a VulnerabilityAudit.
`LIFECYCLE_DETAILS_USAGE_DATA_UNKNOWN_ERROR`	A constant which can be used with the lifecycle_details property of a VulnerabilityAudit.
`LIFECYCLE_STATE_ACTIVE`	A constant which can be used with the lifecycle_state property of a VulnerabilityAudit.
`LIFECYCLE_STATE_CREATING`	A constant which can be used with the lifecycle_state property of a VulnerabilityAudit.
`LIFECYCLE_STATE_DELETED`	A constant which can be used with the lifecycle_state property of a VulnerabilityAudit.
`LIFECYCLE_STATE_DELETING`	A constant which can be used with the lifecycle_state property of a VulnerabilityAudit.
`LIFECYCLE_STATE_FAILED`	A constant which can be used with the lifecycle_state property of a VulnerabilityAudit.
`MAX_OBSERVED_SEVERITY_CRITICAL`	A constant which can be used with the max_observed_severity property of a VulnerabilityAudit.
`MAX_OBSERVED_SEVERITY_HIGH`	A constant which can be used with the max_observed_severity property of a VulnerabilityAudit.
`MAX_OBSERVED_SEVERITY_LOW`	A constant which can be used with the max_observed_severity property of a VulnerabilityAudit.
`MAX_OBSERVED_SEVERITY_MEDIUM`	A constant which can be used with the max_observed_severity property of a VulnerabilityAudit.
`MAX_OBSERVED_SEVERITY_NONE`	A constant which can be used with the max_observed_severity property of a VulnerabilityAudit.
`MAX_OBSERVED_SEVERITY_WITH_IGNORED_CRITICAL`	A constant which can be used with the max_observed_severity_with_ignored property of a VulnerabilityAudit.
`MAX_OBSERVED_SEVERITY_WITH_IGNORED_HIGH`	A constant which can be used with the max_observed_severity_with_ignored property of a VulnerabilityAudit.
`MAX_OBSERVED_SEVERITY_WITH_IGNORED_LOW`	A constant which can be used with the max_observed_severity_with_ignored property of a VulnerabilityAudit.
`MAX_OBSERVED_SEVERITY_WITH_IGNORED_MEDIUM`	A constant which can be used with the max_observed_severity_with_ignored property of a VulnerabilityAudit.
`MAX_OBSERVED_SEVERITY_WITH_IGNORED_NONE`	A constant which can be used with the max_observed_severity_with_ignored property of a VulnerabilityAudit.
`build_type`	[Required] Gets the build_type of this VulnerabilityAudit.
`compartment_id`	[Required] Gets the compartment_id of this VulnerabilityAudit.
`configuration`	Gets the configuration of this VulnerabilityAudit.
`defined_tags`	Gets the defined_tags of this VulnerabilityAudit.
`display_name`	Gets the display_name of this VulnerabilityAudit.
`freeform_tags`	Gets the freeform_tags of this VulnerabilityAudit.
`id`	[Required] Gets the id of this VulnerabilityAudit.
`is_success`	Gets the is_success of this VulnerabilityAudit.
`knowledge_base_id`	[Required] Gets the knowledge_base_id of this VulnerabilityAudit.
`lifecycle_details`	Gets the lifecycle_details of this VulnerabilityAudit.
`lifecycle_state`	[Required] Gets the lifecycle_state of this VulnerabilityAudit.
`max_observed_cvss_v2_score`	Gets the max_observed_cvss_v2_score of this VulnerabilityAudit.
`max_observed_cvss_v2_score_with_ignored`	Gets the max_observed_cvss_v2_score_with_ignored of this VulnerabilityAudit.
`max_observed_cvss_v3_score`	Gets the max_observed_cvss_v3_score of this VulnerabilityAudit.
`max_observed_cvss_v3_score_with_ignored`	Gets the max_observed_cvss_v3_score_with_ignored of this VulnerabilityAudit.
`max_observed_severity`	Gets the max_observed_severity of this VulnerabilityAudit.
`max_observed_severity_with_ignored`	Gets the max_observed_severity_with_ignored of this VulnerabilityAudit.
`source`	[Required] Gets the source of this VulnerabilityAudit.
`system_tags`	Gets the system_tags of this VulnerabilityAudit.
`time_created`	[Required] Gets the time_created of this VulnerabilityAudit.
`time_updated`	[Required] Gets the time_updated of this VulnerabilityAudit.
`usage_data`	Gets the usage_data of this VulnerabilityAudit.
`vulnerabilities`	[Required] Gets the vulnerabilities of this VulnerabilityAudit.
`vulnerable_artifacts_count`	[Required] Gets the vulnerable_artifacts_count of this VulnerabilityAudit.
`vulnerable_artifacts_count_with_ignored`	[Required] Gets the vulnerable_artifacts_count_with_ignored of this VulnerabilityAudit.

Methods

__init__(**kwargs) Initializes a new VulnerabilityAudit object with values from keyword arguments.

BUILD_TYPE_MAVEN = 'MAVEN'¶: A constant which can be used with the build_type property of a VulnerabilityAudit. This constant has a value of “MAVEN”

BUILD_TYPE_UNSET = 'UNSET'¶: A constant which can be used with the build_type property of a VulnerabilityAudit. This constant has a value of “UNSET”

LIFECYCLE_DETAILS_USAGE_DATA_COMPRESSED_SIZE_LIMIT_EXCEEDED = 'USAGE_DATA_COMPRESSED_SIZE_LIMIT_EXCEEDED'¶: A constant which can be used with the lifecycle_details property of a VulnerabilityAudit. This constant has a value of “USAGE_DATA_COMPRESSED_SIZE_LIMIT_EXCEEDED”

LIFECYCLE_DETAILS_USAGE_DATA_NOT_FOUND_OR_NOT_AUTHORIZED = 'USAGE_DATA_NOT_FOUND_OR_NOT_AUTHORIZED'¶: A constant which can be used with the lifecycle_details property of a VulnerabilityAudit. This constant has a value of “USAGE_DATA_NOT_FOUND_OR_NOT_AUTHORIZED”

LIFECYCLE_DETAILS_USAGE_DATA_PARSE_FAILED = 'USAGE_DATA_PARSE_FAILED'¶: A constant which can be used with the lifecycle_details property of a VulnerabilityAudit. This constant has a value of “USAGE_DATA_PARSE_FAILED”

LIFECYCLE_DETAILS_USAGE_DATA_UNCOMPRESSED_SIZE_LIMIT_EXCEEDED = 'USAGE_DATA_UNCOMPRESSED_SIZE_LIMIT_EXCEEDED'¶: A constant which can be used with the lifecycle_details property of a VulnerabilityAudit. This constant has a value of “USAGE_DATA_UNCOMPRESSED_SIZE_LIMIT_EXCEEDED”

LIFECYCLE_DETAILS_USAGE_DATA_UNKNOWN_ERROR = 'USAGE_DATA_UNKNOWN_ERROR'¶: A constant which can be used with the lifecycle_details property of a VulnerabilityAudit. This constant has a value of “USAGE_DATA_UNKNOWN_ERROR”

LIFECYCLE_STATE_ACTIVE = 'ACTIVE'¶: A constant which can be used with the lifecycle_state property of a VulnerabilityAudit. This constant has a value of “ACTIVE”

LIFECYCLE_STATE_CREATING = 'CREATING'¶: A constant which can be used with the lifecycle_state property of a VulnerabilityAudit. This constant has a value of “CREATING”

LIFECYCLE_STATE_DELETED = 'DELETED'¶: A constant which can be used with the lifecycle_state property of a VulnerabilityAudit. This constant has a value of “DELETED”

LIFECYCLE_STATE_DELETING = 'DELETING'¶: A constant which can be used with the lifecycle_state property of a VulnerabilityAudit. This constant has a value of “DELETING”

LIFECYCLE_STATE_FAILED = 'FAILED'¶: A constant which can be used with the lifecycle_state property of a VulnerabilityAudit. This constant has a value of “FAILED”

MAX_OBSERVED_SEVERITY_CRITICAL = 'CRITICAL'¶: A constant which can be used with the max_observed_severity property of a VulnerabilityAudit. This constant has a value of “CRITICAL”

MAX_OBSERVED_SEVERITY_HIGH = 'HIGH'¶: A constant which can be used with the max_observed_severity property of a VulnerabilityAudit. This constant has a value of “HIGH”

MAX_OBSERVED_SEVERITY_LOW = 'LOW'¶: A constant which can be used with the max_observed_severity property of a VulnerabilityAudit. This constant has a value of “LOW”

MAX_OBSERVED_SEVERITY_MEDIUM = 'MEDIUM'¶: A constant which can be used with the max_observed_severity property of a VulnerabilityAudit. This constant has a value of “MEDIUM”

MAX_OBSERVED_SEVERITY_NONE = 'NONE'¶: A constant which can be used with the max_observed_severity property of a VulnerabilityAudit. This constant has a value of “NONE”

MAX_OBSERVED_SEVERITY_WITH_IGNORED_CRITICAL = 'CRITICAL'¶: A constant which can be used with the max_observed_severity_with_ignored property of a VulnerabilityAudit. This constant has a value of “CRITICAL”

MAX_OBSERVED_SEVERITY_WITH_IGNORED_HIGH = 'HIGH'¶: A constant which can be used with the max_observed_severity_with_ignored property of a VulnerabilityAudit. This constant has a value of “HIGH”

MAX_OBSERVED_SEVERITY_WITH_IGNORED_LOW = 'LOW'¶: A constant which can be used with the max_observed_severity_with_ignored property of a VulnerabilityAudit. This constant has a value of “LOW”

MAX_OBSERVED_SEVERITY_WITH_IGNORED_MEDIUM = 'MEDIUM'¶: A constant which can be used with the max_observed_severity_with_ignored property of a VulnerabilityAudit. This constant has a value of “MEDIUM”

MAX_OBSERVED_SEVERITY_WITH_IGNORED_NONE = 'NONE'¶: A constant which can be used with the max_observed_severity_with_ignored property of a VulnerabilityAudit. This constant has a value of “NONE”

__init__(**kwargs)¶

Initializes a new VulnerabilityAudit object with values from keyword arguments. The following keyword arguments are supported (corresponding to the getters/setters of this class):

Parameters:

id (str) – The value to assign to the id property of this VulnerabilityAudit.
display_name (str) – The value to assign to the display_name property of this VulnerabilityAudit.
knowledge_base_id (str) – The value to assign to the knowledge_base_id property of this VulnerabilityAudit.
time_created (datetime) – The value to assign to the time_created property of this VulnerabilityAudit.
time_updated (datetime) – The value to assign to the time_updated property of this VulnerabilityAudit.
lifecycle_state (str) – The value to assign to the lifecycle_state property of this VulnerabilityAudit. Allowed values for this property are: “ACTIVE”, “CREATING”, “DELETED”, “DELETING”, “FAILED”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.
lifecycle_details (str) – The value to assign to the lifecycle_details property of this VulnerabilityAudit. Allowed values for this property are: “USAGE_DATA_NOT_FOUND_OR_NOT_AUTHORIZED”, “USAGE_DATA_PARSE_FAILED”, “USAGE_DATA_COMPRESSED_SIZE_LIMIT_EXCEEDED”, “USAGE_DATA_UNCOMPRESSED_SIZE_LIMIT_EXCEEDED”, “USAGE_DATA_UNKNOWN_ERROR”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.
vulnerabilities (list[oci.adm.models.Vulnerability]) – The value to assign to the vulnerabilities property of this VulnerabilityAudit.
max_observed_cvss_v2_score (float) – The value to assign to the max_observed_cvss_v2_score property of this VulnerabilityAudit.
max_observed_cvss_v3_score (float) – The value to assign to the max_observed_cvss_v3_score property of this VulnerabilityAudit.
max_observed_severity (str) – The value to assign to the max_observed_severity property of this VulnerabilityAudit. Allowed values for this property are: “NONE”, “LOW”, “MEDIUM”, “HIGH”, “CRITICAL”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.
max_observed_cvss_v2_score_with_ignored (float) – The value to assign to the max_observed_cvss_v2_score_with_ignored property of this VulnerabilityAudit.
max_observed_cvss_v3_score_with_ignored (float) – The value to assign to the max_observed_cvss_v3_score_with_ignored property of this VulnerabilityAudit.
max_observed_severity_with_ignored (str) – The value to assign to the max_observed_severity_with_ignored property of this VulnerabilityAudit. Allowed values for this property are: “NONE”, “LOW”, “MEDIUM”, “HIGH”, “CRITICAL”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.
vulnerable_artifacts_count_with_ignored (int) – The value to assign to the vulnerable_artifacts_count_with_ignored property of this VulnerabilityAudit.
vulnerable_artifacts_count (int) – The value to assign to the vulnerable_artifacts_count property of this VulnerabilityAudit.
configuration (oci.adm.models.VulnerabilityAuditConfiguration) – The value to assign to the configuration property of this VulnerabilityAudit.
usage_data (oci.adm.models.UsageDataDetails) – The value to assign to the usage_data property of this VulnerabilityAudit.
is_success (bool) – The value to assign to the is_success property of this VulnerabilityAudit.
build_type (str) – The value to assign to the build_type property of this VulnerabilityAudit. Allowed values for this property are: “MAVEN”, “UNSET”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.
source (oci.adm.models.VulnerabilityAuditSource) – The value to assign to the source property of this VulnerabilityAudit.
compartment_id (str) – The value to assign to the compartment_id property of this VulnerabilityAudit.
freeform_tags (dict(str, str)) – The value to assign to the freeform_tags property of this VulnerabilityAudit.
defined_tags (dict(str, dict(str, object))) – The value to assign to the defined_tags property of this VulnerabilityAudit.
system_tags (dict(str, dict(str, object))) – The value to assign to the system_tags property of this VulnerabilityAudit.

build_type¶

[Required] Gets the build_type of this VulnerabilityAudit. The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.

Allowed values for this property are: “MAVEN”, “UNSET”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns:	The build_type of this VulnerabilityAudit.
Return type:	str

compartment_id¶

[Required] Gets the compartment_id of this VulnerabilityAudit. The compartment Oracle Cloud identifier (OCID) of the vulnerability audit.

Returns:	The compartment_id of this VulnerabilityAudit.
Return type:	str

configuration¶

Gets the configuration of this VulnerabilityAudit.

Returns:	The configuration of this VulnerabilityAudit.
Return type:	oci.adm.models.VulnerabilityAuditConfiguration

defined_tags¶

Gets the defined_tags of this VulnerabilityAudit. Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {“foo-namespace”: {“bar-key”: “value”}}

Returns:	The defined_tags of this VulnerabilityAudit.
Return type:	dict(str, dict(str, object))

display_name¶

Gets the display_name of this VulnerabilityAudit. The name of the vulnerability audit.

Returns:	The display_name of this VulnerabilityAudit.
Return type:	str

freeform_tags¶

Gets the freeform_tags of this VulnerabilityAudit. Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {“bar-key”: “value”}

Returns:	The freeform_tags of this VulnerabilityAudit.
Return type:	dict(str, str)

id¶

[Required] Gets the id of this VulnerabilityAudit. The Oracle Cloud identifier (OCID) of the vulnerability audit.

Returns:	The id of this VulnerabilityAudit.
Return type:	str

is_success¶

Gets the is_success of this VulnerabilityAudit. Indicates if an audit succeeded according to the configuration. The value is null if the audit is in the CREATING state.

Returns:	The is_success of this VulnerabilityAudit.
Return type:	bool

knowledge_base_id¶

[Required] Gets the knowledge_base_id of this VulnerabilityAudit. The Oracle Cloud identifier (OCID) of the knowledge base.

Returns:	The knowledge_base_id of this VulnerabilityAudit.
Return type:	str

lifecycle_details¶

Gets the lifecycle_details of this VulnerabilityAudit. Details on the lifecycle state.

Allowed values for this property are: “USAGE_DATA_NOT_FOUND_OR_NOT_AUTHORIZED”, “USAGE_DATA_PARSE_FAILED”, “USAGE_DATA_COMPRESSED_SIZE_LIMIT_EXCEEDED”, “USAGE_DATA_UNCOMPRESSED_SIZE_LIMIT_EXCEEDED”, “USAGE_DATA_UNKNOWN_ERROR”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns:	The lifecycle_details of this VulnerabilityAudit.
Return type:	str

lifecycle_state¶

[Required] Gets the lifecycle_state of this VulnerabilityAudit. The current lifecycle state of the vulnerability audit.

Allowed values for this property are: “ACTIVE”, “CREATING”, “DELETED”, “DELETING”, “FAILED”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns:	The lifecycle_state of this VulnerabilityAudit.
Return type:	str

max_observed_cvss_v2_score¶

Gets the max_observed_cvss_v2_score of this VulnerabilityAudit. Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.

Returns:	The max_observed_cvss_v2_score of this VulnerabilityAudit.
Return type:	float

max_observed_cvss_v2_score_with_ignored¶

Gets the max_observed_cvss_v2_score_with_ignored of this VulnerabilityAudit. Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.

Returns:	The max_observed_cvss_v2_score_with_ignored of this VulnerabilityAudit.
Return type:	float

max_observed_cvss_v3_score¶

Gets the max_observed_cvss_v3_score of this VulnerabilityAudit. Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.

Returns:	The max_observed_cvss_v3_score of this VulnerabilityAudit.
Return type:	float

max_observed_cvss_v3_score_with_ignored¶

Gets the max_observed_cvss_v3_score_with_ignored of this VulnerabilityAudit. Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.

Returns:	The max_observed_cvss_v3_score_with_ignored of this VulnerabilityAudit.
Return type:	float

max_observed_severity¶

Gets the max_observed_severity of this VulnerabilityAudit. Maximum ADM Severity observed for non-ignored vulnerable application dependencies.

Allowed values for this property are: “NONE”, “LOW”, “MEDIUM”, “HIGH”, “CRITICAL”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns:	The max_observed_severity of this VulnerabilityAudit.
Return type:	str

max_observed_severity_with_ignored¶

Gets the max_observed_severity_with_ignored of this VulnerabilityAudit. Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.

Allowed values for this property are: “NONE”, “LOW”, “MEDIUM”, “HIGH”, “CRITICAL”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns:	The max_observed_severity_with_ignored of this VulnerabilityAudit.
Return type:	str

source¶

[Required] Gets the source of this VulnerabilityAudit.

Returns:	The source of this VulnerabilityAudit.
Return type:	oci.adm.models.VulnerabilityAuditSource

system_tags¶

Gets the system_tags of this VulnerabilityAudit. Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {“orcl-cloud”: {“free-tier-retained”: “true”}}

Returns:	The system_tags of this VulnerabilityAudit.
Return type:	dict(str, dict(str, object))

time_created¶

[Required] Gets the time_created of this VulnerabilityAudit. The creation date and time of the vulnerability audit (formatted according to RFC3339).

Returns:	The time_created of this VulnerabilityAudit.
Return type:	datetime

time_updated¶

[Required] Gets the time_updated of this VulnerabilityAudit. The update date and time of the vulnerability audit (formatted according to RFC3339).

Returns:	The time_updated of this VulnerabilityAudit.
Return type:	datetime

usage_data¶

Gets the usage_data of this VulnerabilityAudit.

Returns:	The usage_data of this VulnerabilityAudit.
Return type:	oci.adm.models.UsageDataDetails

vulnerabilities¶

[Required] Gets the vulnerabilities of this VulnerabilityAudit. List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.

Returns:	The vulnerabilities of this VulnerabilityAudit.
Return type:	list[oci.adm.models.Vulnerability]

vulnerable_artifacts_count¶

[Required] Gets the vulnerable_artifacts_count of this VulnerabilityAudit. Count of non-ignored vulnerable application dependencies.

Returns:	The vulnerable_artifacts_count of this VulnerabilityAudit.
Return type:	int

vulnerable_artifacts_count_with_ignored¶

[Required] Gets the vulnerable_artifacts_count_with_ignored of this VulnerabilityAudit. Count of all vulnerable application dependencies.

Returns:	The vulnerable_artifacts_count_with_ignored of this VulnerabilityAudit.
Return type:	int