Class Vulnerability

Generated

from message cyclonedx.v1_6.Vulnerability

Hierarchy

Constructors

constructor

Properties

advisories affects analysis? bomRef? created? credits? cwes description? detail? id? proofOfConcept? properties published? ratings recommendation? references rejected? source? tools? updated? workaround? fields runtime typeName

Methods

clone equals fromBinary fromJson fromJsonString getType toBinary toJSON toJson toJsonString equals fromBinary fromJson fromJsonString

Constructors

constructor

Properties

advisories

advisories: cdx_16.Advisory[] = []

Published advisories of the vulnerability if provided.

Generated

from field: repeated cyclonedx.v1_6.Advisory advisories = 10;

affects

affects: cdx_16.VulnerabilityAffects[] = []

affects

Generated

from field: repeated cyclonedx.v1_6.VulnerabilityAffects affects = 17;

Optional analysis

analysis?: cdx_16.VulnerabilityAnalysis

An assessment of the impact and exploitability of the vulnerability.

Generated

from field: optional cyclonedx.v1_6.VulnerabilityAnalysis analysis = 16;

Optional bomRef

bomRef?: string

An optional identifier which can be used to reference the vulnerability elsewhere in the BOM. Uniqueness is enforced within all elements and children of the root-level bom element.

Generated

from field: optional string bom_ref = 1;

Optional created

created?: Timestamp

The date and time (timestamp) when the vulnerability record was created in the vulnerability database.

Generated

from field: optional google.protobuf.Timestamp created = 11;

Optional credits

credits?: cdx_16.VulnerabilityCredits

Individuals or organizations credited with the discovery of the vulnerability.

Generated

from field: optional cyclonedx.v1_6.VulnerabilityCredits credits = 14;

cwes

cwes: number[] = []

List of Common Weaknesses Enumerations (CWEs) codes that describe this vulnerability. For example, 399 (of https://cwe.mitre.org/data/definitions/399.html)

Generated

from field: repeated int32 cwes = 6;

Optional description

description?: string

A description of the vulnerability as provided by the source.

Generated

from field: optional string description = 7;

Optional detail

detail?: string

If available, an in-depth description of the vulnerability as provided by the source organization. Details often include information useful in understanding the root cause.

Generated

from field: optional string detail = 8;

Optional id

id?: string

The identifier that uniquely identifies the vulnerability.

Generated

from field: optional string id = 2;

Optional proofOfConcept

proofOfConcept?: cdx_16.ProofOfConcept

Evidence used to reproduce the vulnerability.

Generated

from field: optional cyclonedx.v1_6.ProofOfConcept proofOfConcept = 20;

properties

properties: cdx_16.Property[] = []

Specifies optional, custom, properties

Generated

from field: repeated cyclonedx.v1_6.Property properties = 18;

Optional published

published?: Timestamp

The date and time (timestamp) when the vulnerability record was first published.

Generated

from field: optional google.protobuf.Timestamp published = 12;

ratings

ratings: cdx_16.VulnerabilityRating[] = []

List of vulnerability ratings

Generated

from field: repeated cyclonedx.v1_6.VulnerabilityRating ratings = 5;

Optional recommendation

recommendation?: string

Recommendations of how the vulnerability can be remediated or mitigated.

Generated

from field: optional string recommendation = 9;

references

references: cdx_16.VulnerabilityReference[] = []

Zero or more pointers to vulnerabilities that are the equivalent of the vulnerability specified. Oftentimes, the same vulnerability may exist in multiple sources of vulnerability intelligence but have different identifiers. References provide a way to correlate vulnerabilities across multiple sources of vulnerability intelligence.

Generated

from field: repeated cyclonedx.v1_6.VulnerabilityReference references = 4;

Optional rejected

rejected?: Timestamp

The date and time (timestamp) when the vulnerability record was rejected (if applicable).

Generated

from field: optional google.protobuf.Timestamp rejected = 19;

Optional source

source?: cdx_16.Source

The source that published the vulnerability.

Generated

from field: optional cyclonedx.v1_6.Source source = 3;

Optional tools

tools?: cdx_16.Tool

The tool(s) used to identify, confirm, or score the vulnerability.

Generated

from field: optional cyclonedx.v1_6.Tool tools = 15;

Optional updated

updated?: Timestamp

The date and time (timestamp) when the vulnerability record was last updated.

Generated

from field: optional google.protobuf.Timestamp updated = 13;

Optional workaround

workaround?: string

A bypass, usually temporary, of the vulnerability that reduces its likelihood and/or impact. Workarounds often involve changes to configuration or deployments.

Generated

from field: optional string workaround = 21;

Static Readonly fields

fields: FieldList = ...

Static Readonly runtime

runtime: ProtoRuntime = proto3

Static Readonly typeName

typeName: "cyclonedx.v1_6.Vulnerability" = "cyclonedx.v1_6.Vulnerability"

Methods

clone

equals

  • equals(other): boolean

  • Compare with a message of the same type.

    Parameters

    Returns boolean

fromBinary

  • fromBinary(bytes, options?): this

  • Parse from binary data, merging fields.

    Repeated fields are appended. Map entries are added, overwriting existing keys.

    If a message field is already present, it will be merged with the new data.

    Parameters

    • bytes: Uint8Array
    • Optional options: Partial<BinaryReadOptions>

    Returns this

fromJson

  • fromJson(jsonValue, options?): this

  • Parse a message from a JSON value.

    Parameters

    • jsonValue: JsonValue
    • Optional options: Partial<JsonReadOptions>

    Returns this

fromJsonString

  • fromJsonString(jsonString, options?): this

  • Parse a message from a JSON string.

    Parameters

    • jsonString: string
    • Optional options: Partial<JsonReadOptions>

    Returns this

getType

  • getType(): MessageType<cdx_16.Vulnerability>

  • Retrieve the MessageType of this message - a singleton that represents the protobuf message declaration and provides metadata for reflection- based operations.

    Returns MessageType<cdx_16.Vulnerability>

toBinary

  • toBinary(options?): Uint8Array

  • Serialize the message to binary data.

    Parameters

    • Optional options: Partial<BinaryWriteOptions>

    Returns Uint8Array

Protected toJSON

  • toJSON(): JsonValue

  • Override for serialization behavior. This will be invoked when calling JSON.stringify on this message (i.e. JSON.stringify(msg)).

    Note that this will not serialize google.protobuf.Any with a packed message because the protobuf JSON format specifies that it needs to be unpacked, and this is only possible with a type registry to look up the message type. As a result, attempting to serialize a message with this type will throw an Error.

    This method is protected because you should not need to invoke it directly -- instead use JSON.stringify or toJsonString for stringified JSON. Alternatively, if actual JSON is desired, you should use toJson.

    Returns JsonValue

toJson

  • toJson(options?): JsonValue

  • Serialize the message to a JSON value, a JavaScript value that can be passed to JSON.stringify().

    Parameters

    • Optional options: Partial<JsonWriteOptions>

    Returns JsonValue

toJsonString

  • toJsonString(options?): string

  • Serialize the message to a JSON string.

    Parameters

    • Optional options: Partial<JsonWriteStringOptions>

    Returns string

Static equals

Static fromBinary

Static fromJson

Static fromJsonString

Settings

Member Visibility

Theme

On This Page

constructoradvisoriesaffectsanalysisbomRefcreatedcreditscwesdescriptiondetailidproofOfConceptpropertiespublishedratingsrecommendationreferencesrejectedsourcetoolsupdatedworkaroundfieldsruntimetypeNamecloneequalsfromBinaryfromJsonfromJsonStringgetTypetoBinarytoJSONtoJsontoJsonStringequalsfromBinaryfromJsonfromJsonString