Reference documentation and code samples for the Grafeas V1 API module Grafeas::V1::VulnerabilityAssessmentNote::Assessment::Justification::JustificationType.
Provides the type of justification.
Constants
JUSTIFICATION_TYPE_UNSPECIFIED
value: 0
JUSTIFICATION_TYPE_UNSPECIFIED.
COMPONENT_NOT_PRESENT
value: 1
The vulnerable component is not present in the product.
VULNERABLE_CODE_NOT_PRESENT
value: 2
The vulnerable code is not present. Typically this case
occurs when source code is configured or built in a way that excludes
the vulnerable code.
VULNERABLE_CODE_NOT_IN_EXECUTE_PATH
value: 3
The vulnerable code can not be executed.
Typically this case occurs when the product includes the vulnerable
code but does not call or use the vulnerable code.
VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY
value: 4
The vulnerable code cannot be controlled by an attacker to exploit
the vulnerability.
INLINE_MITIGATIONS_ALREADY_EXIST
value: 5
The product includes built-in protections or features that prevent
exploitation of the vulnerability. These built-in protections cannot
be subverted by the attacker and cannot be configured or disabled by
the user. These mitigations completely prevent exploitation based on
known attack vectors.