Class Vulnerability

Generated

from message cyclonedx.v1_5.Vulnerability

Hierarchy

Constructors

Properties

advisories: cdx_15.Advisory[] = []

Published advisories of the vulnerability if provided.

Generated

from field: repeated cyclonedx.v1_5.Advisory advisories = 10;

affects

Generated

from field: repeated cyclonedx.v1_5.VulnerabilityAffects affects = 17;

An assessment of the impact and exploitability of the vulnerability.

Generated

from field: optional cyclonedx.v1_5.VulnerabilityAnalysis analysis = 16;

bomRef?: string

An optional identifier which can be used to reference the vulnerability elsewhere in the BOM. Uniqueness is enforced within all elements and children of the root-level bom element.

Generated

from field: optional string bom_ref = 1;

created?: Timestamp

The date and time (timestamp) when the vulnerability record was created in the vulnerability database.

Generated

from field: optional google.protobuf.Timestamp created = 11;

Individuals or organizations credited with the discovery of the vulnerability.

Generated

from field: optional cyclonedx.v1_5.VulnerabilityCredits credits = 14;

cwes: number[] = []

List of Common Weaknesses Enumerations (CWEs) codes that describes this vulnerability. For example 399 (of https://cwe.mitre.org/data/definitions/399.html)

Generated

from field: repeated int32 cwes = 6;

description?: string

A description of the vulnerability as provided by the source.

Generated

from field: optional string description = 7;

detail?: string

If available, an in-depth description of the vulnerability as provided by the source organization. Details often include information useful in understanding root cause.

Generated

from field: optional string detail = 8;

id?: string

The identifier that uniquely identifies the vulnerability.

Generated

from field: optional string id = 2;

proofOfConcept?: cdx_15.ProofOfConcept

Evidence used to reproduce the vulnerability.

Generated

from field: optional cyclonedx.v1_5.ProofOfConcept proofOfConcept = 20;

properties: cdx_15.Property[] = []

Specifies optional, custom, properties

Generated

from field: repeated cyclonedx.v1_5.Property properties = 18;

published?: Timestamp

The date and time (timestamp) when the vulnerability record was first published.

Generated

from field: optional google.protobuf.Timestamp published = 12;

ratings: cdx_15.VulnerabilityRating[] = []

List of vulnerability ratings

Generated

from field: repeated cyclonedx.v1_5.VulnerabilityRating ratings = 5;

recommendation?: string

Recommendations of how the vulnerability can be remediated or mitigated.

Generated

from field: optional string recommendation = 9;

references: cdx_15.VulnerabilityReference[] = []

Zero or more pointers to vulnerabilities that are the equivalent of the vulnerability specified. Often times, the same vulnerability may exist in multiple sources of vulnerability intelligence, but have different identifiers. References provide a way to correlate vulnerabilities across multiple sources of vulnerability intelligence.

Generated

from field: repeated cyclonedx.v1_5.VulnerabilityReference references = 4;

rejected?: Timestamp

The date and time (timestamp) when the vulnerability record was rejected (if applicable).

Generated

from field: optional google.protobuf.Timestamp rejected = 19;

source?: cdx_15.Source

The source that published the vulnerability.

Generated

from field: optional cyclonedx.v1_5.Source source = 3;

tools?: cdx_15.Tool

The tool(s) used to identify, confirm, or score the vulnerability.

Generated

from field: optional cyclonedx.v1_5.Tool tools = 15;

updated?: Timestamp

The date and time (timestamp) when the vulnerability record was last updated.

Generated

from field: optional google.protobuf.Timestamp updated = 13;

workaround?: string

A bypass, usually temporary, of the vulnerability that reduces its likelihood and/or impact. Workarounds often involve changes to configuration or deployments.

Generated

from field: optional string workaround = 21;

fields: FieldList = ...
runtime: ProtoRuntime = proto3
typeName: "cyclonedx.v1_5.Vulnerability" = "cyclonedx.v1_5.Vulnerability"

Methods

  • Compare with a message of the same type.

    Parameters

    Returns boolean

  • Parse from binary data, merging fields.

    Repeated fields are appended. Map entries are added, overwriting existing keys.

    If a message field is already present, it will be merged with the new data.

    Parameters

    • bytes: Uint8Array
    • Optional options: Partial<BinaryReadOptions>

    Returns this

  • Parse a message from a JSON value.

    Parameters

    • jsonValue: JsonValue
    • Optional options: Partial<JsonReadOptions>

    Returns this

  • Parse a message from a JSON string.

    Parameters

    • jsonString: string
    • Optional options: Partial<JsonReadOptions>

    Returns this

  • Retrieve the MessageType of this message - a singleton that represents the protobuf message declaration and provides metadata for reflection- based operations.

    Returns MessageType<cdx_15.Vulnerability>

  • Serialize the message to binary data.

    Parameters

    • Optional options: Partial<BinaryWriteOptions>

    Returns Uint8Array

  • Override for serialization behavior. This will be invoked when calling JSON.stringify on this message (i.e. JSON.stringify(msg)).

    Note that this will not serialize google.protobuf.Any with a packed message because the protobuf JSON format specifies that it needs to be unpacked, and this is only possible with a type registry to look up the message type. As a result, attempting to serialize a message with this type will throw an Error.

    This method is protected because you should not need to invoke it directly -- instead use JSON.stringify or toJsonString for stringified JSON. Alternatively, if actual JSON is desired, you should use toJson.

    Returns JsonValue

  • Serialize the message to a JSON value, a JavaScript value that can be passed to JSON.stringify().

    Parameters

    • Optional options: Partial<JsonWriteOptions>

    Returns JsonValue

  • Serialize the message to a JSON string.

    Parameters

    • Optional options: Partial<JsonWriteStringOptions>

    Returns string