Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	Severity_name = map[int32]string{
		0: "SEVERITY_UNSPECIFIED",
		1: "MINIMAL",
		2: "LOW",
		3: "MEDIUM",
		4: "HIGH",
		5: "CRITICAL",
	}
	Severity_value = map[string]int32{
		"SEVERITY_UNSPECIFIED": 0,
		"MINIMAL":              1,
		"LOW":                  2,
		"MEDIUM":               3,
		"HIGH":                 4,
		"CRITICAL":             5,
	}
)

Enum value maps for Severity.

View Source
var File_google_devtools_containeranalysis_v1beta1_vulnerability_vulnerability_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type Details

type Details struct {

	// The type of package; whether native or non native(ruby gems, node.js
	// packages etc)
	Type string `protobuf:"bytes,1,opt,name=type,proto3" json:"type,omitempty"`
	// Output only. The note provider assigned Severity of the vulnerability.
	Severity Severity `protobuf:"varint,2,opt,name=severity,proto3,enum=grafeas.v1beta1.vulnerability.Severity" json:"severity,omitempty"`
	// Output only. The CVSS score of this vulnerability. CVSS score is on a
	// scale of 0-10 where 0 indicates low severity and 10 indicates high
	// severity.
	CvssScore float32 `protobuf:"fixed32,3,opt,name=cvss_score,json=cvssScore,proto3" json:"cvss_score,omitempty"`
	// Required. The set of affected locations and their fixes (if available)
	// within the associated resource.
	PackageIssue []*PackageIssue `protobuf:"bytes,4,rep,name=package_issue,json=packageIssue,proto3" json:"package_issue,omitempty"`
	// Output only. A one sentence description of this vulnerability.
	ShortDescription string `protobuf:"bytes,5,opt,name=short_description,json=shortDescription,proto3" json:"short_description,omitempty"`
	// Output only. A detailed description of this vulnerability.
	LongDescription string `protobuf:"bytes,6,opt,name=long_description,json=longDescription,proto3" json:"long_description,omitempty"`
	// Output only. URLs related to this vulnerability.
	RelatedUrls []*common.RelatedUrl `protobuf:"bytes,7,rep,name=related_urls,json=relatedUrls,proto3" json:"related_urls,omitempty"`
	// The distro assigned severity for this vulnerability when it is
	// available, and note provider assigned severity when distro has not yet
	// assigned a severity for this vulnerability.
	EffectiveSeverity Severity `` /* 157-byte string literal not displayed */
	// contains filtered or unexported fields
}

Details of a vulnerability Occurrence.

func (*Details) Descriptor

func (*Details) Descriptor() ([]byte, []int)

Deprecated: Use Details.ProtoReflect.Descriptor instead.

func (*Details) GetCvssScore

func (x *Details) GetCvssScore() float32

func (*Details) GetEffectiveSeverity

func (x *Details) GetEffectiveSeverity() Severity

func (*Details) GetLongDescription

func (x *Details) GetLongDescription() string

func (*Details) GetPackageIssue

func (x *Details) GetPackageIssue() []*PackageIssue

func (*Details) GetRelatedUrls

func (x *Details) GetRelatedUrls() []*common.RelatedUrl

func (*Details) GetSeverity

func (x *Details) GetSeverity() Severity

func (*Details) GetShortDescription

func (x *Details) GetShortDescription() string

func (*Details) GetType

func (x *Details) GetType() string

func (*Details) ProtoMessage

func (*Details) ProtoMessage()

func (*Details) ProtoReflect

func (x *Details) ProtoReflect() protoreflect.Message

func (*Details) Reset

func (x *Details) Reset()

func (*Details) String

func (x *Details) String() string

type PackageIssue

type PackageIssue struct {

	// Required. The location of the vulnerability.
	AffectedLocation *VulnerabilityLocation `protobuf:"bytes,1,opt,name=affected_location,json=affectedLocation,proto3" json:"affected_location,omitempty"`
	// The location of the available fix for vulnerability.
	FixedLocation *VulnerabilityLocation `protobuf:"bytes,2,opt,name=fixed_location,json=fixedLocation,proto3" json:"fixed_location,omitempty"`
	// Deprecated, use Details.effective_severity instead
	// The severity (e.g., distro assigned severity) for this vulnerability.
	SeverityName string `protobuf:"bytes,3,opt,name=severity_name,json=severityName,proto3" json:"severity_name,omitempty"`
	// contains filtered or unexported fields
}

This message wraps a location affected by a vulnerability and its associated fix (if one is available).

func (*PackageIssue) Descriptor

func (*PackageIssue) Descriptor() ([]byte, []int)

Deprecated: Use PackageIssue.ProtoReflect.Descriptor instead.

func (*PackageIssue) GetAffectedLocation

func (x *PackageIssue) GetAffectedLocation() *VulnerabilityLocation

func (*PackageIssue) GetFixedLocation

func (x *PackageIssue) GetFixedLocation() *VulnerabilityLocation

func (*PackageIssue) GetSeverityName

func (x *PackageIssue) GetSeverityName() string

func (*PackageIssue) ProtoMessage

func (*PackageIssue) ProtoMessage()

func (*PackageIssue) ProtoReflect

func (x *PackageIssue) ProtoReflect() protoreflect.Message

func (*PackageIssue) Reset

func (x *PackageIssue) Reset()

func (*PackageIssue) String

func (x *PackageIssue) String() string

type Severity

type Severity int32

Note provider-assigned severity/impact ranking.

const (
	// Unknown.
	Severity_SEVERITY_UNSPECIFIED Severity = 0
	// Minimal severity.
	Severity_MINIMAL Severity = 1
	// Low severity.
	Severity_LOW Severity = 2
	// Medium severity.
	Severity_MEDIUM Severity = 3
	// High severity.
	Severity_HIGH Severity = 4
	// Critical severity.
	Severity_CRITICAL Severity = 5
)

func (Severity) Descriptor

func (Severity) Descriptor() protoreflect.EnumDescriptor

func (Severity) Enum

func (x Severity) Enum() *Severity

func (Severity) EnumDescriptor

func (Severity) EnumDescriptor() ([]byte, []int)

Deprecated: Use Severity.Descriptor instead.

func (Severity) Number

func (x Severity) Number() protoreflect.EnumNumber

func (Severity) String

func (x Severity) String() string

func (Severity) Type

type Vulnerability

type Vulnerability struct {

	// The CVSS score for this vulnerability.
	CvssScore float32 `protobuf:"fixed32,1,opt,name=cvss_score,json=cvssScore,proto3" json:"cvss_score,omitempty"`
	// Note provider assigned impact of the vulnerability.
	Severity Severity `protobuf:"varint,2,opt,name=severity,proto3,enum=grafeas.v1beta1.vulnerability.Severity" json:"severity,omitempty"`
	// All information about the package to specifically identify this
	// vulnerability. One entry per (version range and cpe_uri) the package
	// vulnerability has manifested in.
	Details []*Vulnerability_Detail `protobuf:"bytes,3,rep,name=details,proto3" json:"details,omitempty"`
	// The full description of the CVSSv3.
	CvssV3 *cvss.CVSSv3 `protobuf:"bytes,4,opt,name=cvss_v3,json=cvssV3,proto3" json:"cvss_v3,omitempty"`
	// Windows details get their own format because the information format and
	// model don't match a normal detail. Specifically Windows updates are done as
	// patches, thus Windows vulnerabilities really are a missing package, rather
	// than a package being at an incorrect version.
	WindowsDetails []*Vulnerability_WindowsDetail `protobuf:"bytes,5,rep,name=windows_details,json=windowsDetails,proto3" json:"windows_details,omitempty"`
	// The time this information was last changed at the source. This is an
	// upstream timestamp from the underlying information source - e.g. Ubuntu
	// security tracker.
	SourceUpdateTime *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=source_update_time,json=sourceUpdateTime,proto3" json:"source_update_time,omitempty"`
	// contains filtered or unexported fields
}

Vulnerability provides metadata about a security vulnerability in a Note.

func (*Vulnerability) Descriptor

func (*Vulnerability) Descriptor() ([]byte, []int)

Deprecated: Use Vulnerability.ProtoReflect.Descriptor instead.

func (*Vulnerability) GetCvssScore

func (x *Vulnerability) GetCvssScore() float32

func (*Vulnerability) GetCvssV3

func (x *Vulnerability) GetCvssV3() *cvss.CVSSv3

func (*Vulnerability) GetDetails

func (x *Vulnerability) GetDetails() []*Vulnerability_Detail

func (*Vulnerability) GetSeverity

func (x *Vulnerability) GetSeverity() Severity

func (*Vulnerability) GetSourceUpdateTime

func (x *Vulnerability) GetSourceUpdateTime() *timestamppb.Timestamp

func (*Vulnerability) GetWindowsDetails

func (x *Vulnerability) GetWindowsDetails() []*Vulnerability_WindowsDetail

func (*Vulnerability) ProtoMessage

func (*Vulnerability) ProtoMessage()

func (*Vulnerability) ProtoReflect

func (x *Vulnerability) ProtoReflect() protoreflect.Message

func (*Vulnerability) Reset

func (x *Vulnerability) Reset()

func (*Vulnerability) String

func (x *Vulnerability) String() string

type VulnerabilityLocation

type VulnerabilityLocation struct {

	// Required. The CPE URI in [cpe format](https://cpe.mitre.org/specification/)
	// format. Examples include distro or storage location for vulnerable jar.
	CpeUri string `protobuf:"bytes,1,opt,name=cpe_uri,json=cpeUri,proto3" json:"cpe_uri,omitempty"`
	// Required. The package being described.
	Package string `protobuf:"bytes,2,opt,name=package,proto3" json:"package,omitempty"`
	// Required. The version of the package being described.
	Version *_package.Version `protobuf:"bytes,3,opt,name=version,proto3" json:"version,omitempty"`
	// contains filtered or unexported fields
}

The location of the vulnerability.

func (*VulnerabilityLocation) Descriptor

func (*VulnerabilityLocation) Descriptor() ([]byte, []int)

Deprecated: Use VulnerabilityLocation.ProtoReflect.Descriptor instead.

func (*VulnerabilityLocation) GetCpeUri

func (x *VulnerabilityLocation) GetCpeUri() string

func (*VulnerabilityLocation) GetPackage

func (x *VulnerabilityLocation) GetPackage() string

func (*VulnerabilityLocation) GetVersion

func (x *VulnerabilityLocation) GetVersion() *_package.Version

func (*VulnerabilityLocation) ProtoMessage

func (*VulnerabilityLocation) ProtoMessage()

func (*VulnerabilityLocation) ProtoReflect

func (x *VulnerabilityLocation) ProtoReflect() protoreflect.Message

func (*VulnerabilityLocation) Reset

func (x *VulnerabilityLocation) Reset()

func (*VulnerabilityLocation) String

func (x *VulnerabilityLocation) String() string

type Vulnerability_Detail

type Vulnerability_Detail struct {

	// Required. The CPE URI in
	// [cpe format](https://cpe.mitre.org/specification/) in which the
	// vulnerability manifests. Examples include distro or storage location for
	// vulnerable jar.
	CpeUri string `protobuf:"bytes,1,opt,name=cpe_uri,json=cpeUri,proto3" json:"cpe_uri,omitempty"`
	// Required. The name of the package where the vulnerability was found.
	Package string `protobuf:"bytes,2,opt,name=package,proto3" json:"package,omitempty"`
	// The min version of the package in which the vulnerability exists.
	MinAffectedVersion *_package.Version `protobuf:"bytes,3,opt,name=min_affected_version,json=minAffectedVersion,proto3" json:"min_affected_version,omitempty"`
	// The max version of the package in which the vulnerability exists.
	MaxAffectedVersion *_package.Version `protobuf:"bytes,4,opt,name=max_affected_version,json=maxAffectedVersion,proto3" json:"max_affected_version,omitempty"`
	// The severity (eg: distro assigned severity) for this vulnerability.
	SeverityName string `protobuf:"bytes,5,opt,name=severity_name,json=severityName,proto3" json:"severity_name,omitempty"`
	// A vendor-specific description of this note.
	Description string `protobuf:"bytes,6,opt,name=description,proto3" json:"description,omitempty"`
	// The fix for this specific package version.
	FixedLocation *VulnerabilityLocation `protobuf:"bytes,7,opt,name=fixed_location,json=fixedLocation,proto3" json:"fixed_location,omitempty"`
	// The type of package; whether native or non native(ruby gems, node.js
	// packages etc).
	PackageType string `protobuf:"bytes,8,opt,name=package_type,json=packageType,proto3" json:"package_type,omitempty"`
	// Whether this detail is obsolete. Occurrences are expected not to point to
	// obsolete details.
	IsObsolete bool `protobuf:"varint,9,opt,name=is_obsolete,json=isObsolete,proto3" json:"is_obsolete,omitempty"`
	// The time this information was last changed at the source. This is an
	// upstream timestamp from the underlying information source - e.g. Ubuntu
	// security tracker.
	SourceUpdateTime *timestamppb.Timestamp `protobuf:"bytes,10,opt,name=source_update_time,json=sourceUpdateTime,proto3" json:"source_update_time,omitempty"`
	// contains filtered or unexported fields
}

Identifies all appearances of this vulnerability in the package for a specific distro/location. For example: glibc in cpe:/o:debian:debian_linux:8 for versions 2.1 - 2.2

func (*Vulnerability_Detail) Descriptor

func (*Vulnerability_Detail) Descriptor() ([]byte, []int)

Deprecated: Use Vulnerability_Detail.ProtoReflect.Descriptor instead.

func (*Vulnerability_Detail) GetCpeUri

func (x *Vulnerability_Detail) GetCpeUri() string

func (*Vulnerability_Detail) GetDescription

func (x *Vulnerability_Detail) GetDescription() string

func (*Vulnerability_Detail) GetFixedLocation

func (x *Vulnerability_Detail) GetFixedLocation() *VulnerabilityLocation

func (*Vulnerability_Detail) GetIsObsolete

func (x *Vulnerability_Detail) GetIsObsolete() bool

func (*Vulnerability_Detail) GetMaxAffectedVersion

func (x *Vulnerability_Detail) GetMaxAffectedVersion() *_package.Version

func (*Vulnerability_Detail) GetMinAffectedVersion

func (x *Vulnerability_Detail) GetMinAffectedVersion() *_package.Version

func (*Vulnerability_Detail) GetPackage

func (x *Vulnerability_Detail) GetPackage() string

func (*Vulnerability_Detail) GetPackageType

func (x *Vulnerability_Detail) GetPackageType() string

func (*Vulnerability_Detail) GetSeverityName

func (x *Vulnerability_Detail) GetSeverityName() string

func (*Vulnerability_Detail) GetSourceUpdateTime

func (x *Vulnerability_Detail) GetSourceUpdateTime() *timestamppb.Timestamp

func (*Vulnerability_Detail) ProtoMessage

func (*Vulnerability_Detail) ProtoMessage()

func (*Vulnerability_Detail) ProtoReflect

func (x *Vulnerability_Detail) ProtoReflect() protoreflect.Message

func (*Vulnerability_Detail) Reset

func (x *Vulnerability_Detail) Reset()

func (*Vulnerability_Detail) String

func (x *Vulnerability_Detail) String() string

type Vulnerability_WindowsDetail

type Vulnerability_WindowsDetail struct {

	// Required. The CPE URI in
	// [cpe format](https://cpe.mitre.org/specification/) in which the
	// vulnerability manifests. Examples include distro or storage location for
	// vulnerable jar.
	CpeUri string `protobuf:"bytes,1,opt,name=cpe_uri,json=cpeUri,proto3" json:"cpe_uri,omitempty"`
	// Required. The name of the vulnerability.
	Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"`
	// The description of the vulnerability.
	Description string `protobuf:"bytes,3,opt,name=description,proto3" json:"description,omitempty"`
	// Required. The names of the KBs which have hotfixes to mitigate this
	// vulnerability. Note that there may be multiple hotfixes (and thus
	// multiple KBs) that mitigate a given vulnerability. Currently any listed
	// kb's presence is considered a fix.
	FixingKbs []*Vulnerability_WindowsDetail_KnowledgeBase `protobuf:"bytes,4,rep,name=fixing_kbs,json=fixingKbs,proto3" json:"fixing_kbs,omitempty"`
	// contains filtered or unexported fields
}

func (*Vulnerability_WindowsDetail) Descriptor

func (*Vulnerability_WindowsDetail) Descriptor() ([]byte, []int)

Deprecated: Use Vulnerability_WindowsDetail.ProtoReflect.Descriptor instead.

func (*Vulnerability_WindowsDetail) GetCpeUri

func (x *Vulnerability_WindowsDetail) GetCpeUri() string

func (*Vulnerability_WindowsDetail) GetDescription

func (x *Vulnerability_WindowsDetail) GetDescription() string

func (*Vulnerability_WindowsDetail) GetFixingKbs

func (*Vulnerability_WindowsDetail) GetName

func (x *Vulnerability_WindowsDetail) GetName() string

func (*Vulnerability_WindowsDetail) ProtoMessage

func (*Vulnerability_WindowsDetail) ProtoMessage()

func (*Vulnerability_WindowsDetail) ProtoReflect

func (*Vulnerability_WindowsDetail) Reset

func (x *Vulnerability_WindowsDetail) Reset()

func (*Vulnerability_WindowsDetail) String

func (x *Vulnerability_WindowsDetail) String() string

type Vulnerability_WindowsDetail_KnowledgeBase

type Vulnerability_WindowsDetail_KnowledgeBase struct {

	// The KB name (generally of the form KB[0-9]+ i.e. KB123456).
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// A link to the KB in the Windows update catalog -
	// https://www.catalog.update.microsoft.com/
	Url string `protobuf:"bytes,2,opt,name=url,proto3" json:"url,omitempty"`
	// contains filtered or unexported fields
}

func (*Vulnerability_WindowsDetail_KnowledgeBase) Descriptor

func (*Vulnerability_WindowsDetail_KnowledgeBase) Descriptor() ([]byte, []int)

Deprecated: Use Vulnerability_WindowsDetail_KnowledgeBase.ProtoReflect.Descriptor instead.

func (*Vulnerability_WindowsDetail_KnowledgeBase) GetName

func (*Vulnerability_WindowsDetail_KnowledgeBase) GetUrl

func (*Vulnerability_WindowsDetail_KnowledgeBase) ProtoMessage

func (*Vulnerability_WindowsDetail_KnowledgeBase) ProtoReflect

func (*Vulnerability_WindowsDetail_KnowledgeBase) Reset

func (*Vulnerability_WindowsDetail_KnowledgeBase) String