Grafeas V1 Client - Class VulnerabilityOccurrence (0.6.0)

Reference documentation and code samples for the Grafeas V1 Client class VulnerabilityOccurrence.

An occurrence of a severity vulnerability on a resource.

Generated from protobuf message grafeas.v1.VulnerabilityOccurrence

Methods

__construct

Constructor.

Parameters
NameDescription
data array

Optional. Data for populating the Message object.

↳ type string

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

↳ severity int

Output only. The note provider assigned severity of this vulnerability.

↳ cvss_score float

Output only. The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10 where 0 indicates low severity and 10 indicates high severity.

↳ cvssv3 Grafeas\V1\CVSS

The cvss v3 score for the vulnerability.

↳ package_issue array<Grafeas\V1\VulnerabilityOccurrence\PackageIssue>

Required. The set of affected locations and their fixes (if available) within the associated resource.

↳ short_description string

Output only. A one sentence description of this vulnerability.

↳ long_description string

Output only. A detailed description of this vulnerability.

↳ related_urls array<Grafeas\V1\RelatedUrl>

Output only. URLs related to this vulnerability.

↳ effective_severity int

The distro assigned severity for this vulnerability when it is available, otherwise this is the note provider assigned severity. When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues.

↳ fix_available bool

Output only. Whether at least one of the affected packages has a fix available.

↳ cvss_version int

Output only. CVSS version used to populate cvss_score and severity.

↳ cvss_v2 Grafeas\V1\CVSS

The cvss v2 score for the vulnerability.

↳ vex_assessment Grafeas\V1\VulnerabilityOccurrence\VexAssessment

getType

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

Returns
TypeDescription
string

setType

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

Parameter
NameDescription
var string
Returns
TypeDescription
$this

getSeverity

Output only. The note provider assigned severity of this vulnerability.

Returns
TypeDescription
int

setSeverity

Output only. The note provider assigned severity of this vulnerability.

Parameter
NameDescription
var int
Returns
TypeDescription
$this

getCvssScore

Output only. The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10 where 0 indicates low severity and 10 indicates high severity.

Returns
TypeDescription
float

setCvssScore

Output only. The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10 where 0 indicates low severity and 10 indicates high severity.

Parameter
NameDescription
var float
Returns
TypeDescription
$this

getCvssv3

The cvss v3 score for the vulnerability.

Returns
TypeDescription
Grafeas\V1\CVSS|null

hasCvssv3

clearCvssv3

setCvssv3

The cvss v3 score for the vulnerability.

Parameter
NameDescription
var Grafeas\V1\CVSS
Returns
TypeDescription
$this

getPackageIssue

Required. The set of affected locations and their fixes (if available) within the associated resource.

Returns
TypeDescription
Google\Protobuf\Internal\RepeatedField

setPackageIssue

Required. The set of affected locations and their fixes (if available) within the associated resource.

Parameter
NameDescription
var array<Grafeas\V1\VulnerabilityOccurrence\PackageIssue>
Returns
TypeDescription
$this

getShortDescription

Output only. A one sentence description of this vulnerability.

Returns
TypeDescription
string

setShortDescription

Output only. A one sentence description of this vulnerability.

Parameter
NameDescription
var string
Returns
TypeDescription
$this

getLongDescription

Output only. A detailed description of this vulnerability.

Returns
TypeDescription
string

setLongDescription

Output only. A detailed description of this vulnerability.

Parameter
NameDescription
var string
Returns
TypeDescription
$this

getRelatedUrls

Output only. URLs related to this vulnerability.

Returns
TypeDescription
Google\Protobuf\Internal\RepeatedField

setRelatedUrls

Output only. URLs related to this vulnerability.

Parameter
NameDescription
var array<Grafeas\V1\RelatedUrl>
Returns
TypeDescription
$this

getEffectiveSeverity

The distro assigned severity for this vulnerability when it is available, otherwise this is the note provider assigned severity.

When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues.

Returns
TypeDescription
int

setEffectiveSeverity

The distro assigned severity for this vulnerability when it is available, otherwise this is the note provider assigned severity.

When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues.

Parameter
NameDescription
var int
Returns
TypeDescription
$this

getFixAvailable

Output only. Whether at least one of the affected packages has a fix available.

Returns
TypeDescription
bool

setFixAvailable

Output only. Whether at least one of the affected packages has a fix available.

Parameter
NameDescription
var bool
Returns
TypeDescription
$this

getCvssVersion

Output only. CVSS version used to populate cvss_score and severity.

Returns
TypeDescription
int

setCvssVersion

Output only. CVSS version used to populate cvss_score and severity.

Parameter
NameDescription
var int
Returns
TypeDescription
$this

getCvssV2

The cvss v2 score for the vulnerability.

Returns
TypeDescription
Grafeas\V1\CVSS|null

hasCvssV2

clearCvssV2

setCvssV2

The cvss v2 score for the vulnerability.

Parameter
NameDescription
var Grafeas\V1\CVSS
Returns
TypeDescription
$this

getVexAssessment

Generated from protobuf field .grafeas.v1.VulnerabilityOccurrence.VexAssessment vex_assessment = 13;

Returns
TypeDescription
Grafeas\V1\VulnerabilityOccurrence\VexAssessment|null

hasVexAssessment

clearVexAssessment

setVexAssessment

Generated from protobuf field .grafeas.v1.VulnerabilityOccurrence.VexAssessment vex_assessment = 13;

Parameter
NameDescription
var Grafeas\V1\VulnerabilityOccurrence\VexAssessment
Returns
TypeDescription
$this