Vulnerability¶

class oci.adm.models.Vulnerability(**kwargs)¶

Bases: object

A vulnerability is a weakness or error in an artifact. A vulnerability is a generalization of a CVE (every CVE is a vulnerability, but not every vulnerability has a CVE).

Attributes

`SEVERITY_CRITICAL`	A constant which can be used with the severity property of a Vulnerability.
`SEVERITY_HIGH`	A constant which can be used with the severity property of a Vulnerability.
`SEVERITY_LOW`	A constant which can be used with the severity property of a Vulnerability.
`SEVERITY_MEDIUM`	A constant which can be used with the severity property of a Vulnerability.
`SEVERITY_NONE`	A constant which can be used with the severity property of a Vulnerability.
`cvss_v2_score`	Gets the cvss_v2_score of this Vulnerability.
`cvss_v3_score`	Gets the cvss_v3_score of this Vulnerability.
`id`	[Required] Gets the id of this Vulnerability.
`is_false_positive`	Gets the is_false_positive of this Vulnerability.
`is_ignored`	[Required] Gets the is_ignored of this Vulnerability.
`severity`	Gets the severity of this Vulnerability.
`source`	Gets the source of this Vulnerability.

Methods

__init__(**kwargs) Initializes a new Vulnerability object with values from keyword arguments.

SEVERITY_CRITICAL = 'CRITICAL'¶: A constant which can be used with the severity property of a Vulnerability. This constant has a value of “CRITICAL”

SEVERITY_HIGH = 'HIGH'¶: A constant which can be used with the severity property of a Vulnerability. This constant has a value of “HIGH”

SEVERITY_LOW = 'LOW'¶: A constant which can be used with the severity property of a Vulnerability. This constant has a value of “LOW”

SEVERITY_MEDIUM = 'MEDIUM'¶: A constant which can be used with the severity property of a Vulnerability. This constant has a value of “MEDIUM”

SEVERITY_NONE = 'NONE'¶: A constant which can be used with the severity property of a Vulnerability. This constant has a value of “NONE”

__init__(**kwargs)¶

Initializes a new Vulnerability object with values from keyword arguments. The following keyword arguments are supported (corresponding to the getters/setters of this class):

Parameters:

id (str) – The value to assign to the id property of this Vulnerability.
source (str) – The value to assign to the source property of this Vulnerability.
cvss_v2_score (float) – The value to assign to the cvss_v2_score property of this Vulnerability.
cvss_v3_score (float) – The value to assign to the cvss_v3_score property of this Vulnerability.
severity (str) – The value to assign to the severity property of this Vulnerability. Allowed values for this property are: “NONE”, “LOW”, “MEDIUM”, “HIGH”, “CRITICAL”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.
is_ignored (bool) – The value to assign to the is_ignored property of this Vulnerability.
is_false_positive (bool) – The value to assign to the is_false_positive property of this Vulnerability.

cvss_v2_score¶

Gets the cvss_v2_score of this Vulnerability. Common Vulnerability Scoring System (CVSS) Version 2, calculated from the metrics provided in the CVSS vector provided from the vulnerability source. This field is deprecated and will be removed in the future. The cvssV2Score can be obtained from the metrics field of the listVulnerabilities endpoint.

Returns:	The cvss_v2_score of this Vulnerability.
Return type:	float

cvss_v3_score¶

Gets the cvss_v3_score of this Vulnerability. Common Vulnerability Scoring System (CVSS) Version 3, calculated from the metrics provided in the CVSS vector provided from the vulnerability source. This field is deprecated and will be removed in the future. The cvssV3Score can be obtained from the metrics field of the listVulnerabilities endpoint.

Returns:	The cvss_v3_score of this Vulnerability.
Return type:	float

id¶

[Required] Gets the id of this Vulnerability. Unique vulnerability identifier, e.g. CVE-1999-0067.

Returns:	The id of this Vulnerability.
Return type:	str

is_false_positive¶

Gets the is_false_positive of this Vulnerability. Indicates if the vulnerability is a false positive according to the usage data. If no usage data was provided or the service cannot infer usage of the vulnerable code then this property is null.

Returns:	The is_false_positive of this Vulnerability.
Return type:	bool

is_ignored¶

[Required] Gets the is_ignored of this Vulnerability. Indicates if the vulnerability was ignored according to the audit configuration.

Returns:	The is_ignored of this Vulnerability.
Return type:	bool

severity¶

Gets the severity of this Vulnerability. ADM qualitative severity score. Can be either NONE, LOW, MEDIUM, HIGH or CRITICAL.

Allowed values for this property are: “NONE”, “LOW”, “MEDIUM”, “HIGH”, “CRITICAL”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns:	The severity of this Vulnerability.
Return type:	str

source¶

Gets the source of this Vulnerability. Source that published the vulnerability

Returns:	The source of this Vulnerability.
Return type:	str