Hi there! Are you looking for the official Deno documentation? Try docs.deno.com for all your Deno learning needs.

VulnerabilityNote

import type { VulnerabilityNote } from "https://googleapis.deno.dev/v1/containeranalysis:v1.ts";

A security vulnerability that can be found in resources.

interface VulnerabilityNote {
cvssScore?: number;
cvssV2?: CVSS;
cvssV3?: CVSSv3;
cvssVersion?: "CVSS_VERSION_UNSPECIFIED" | "CVSS_VERSION_2" | "CVSS_VERSION_3";
details?: Detail[];
severity?:
| "SEVERITY_UNSPECIFIED"
| "MINIMAL"
| "LOW"
| "MEDIUM"
| "HIGH"
| "CRITICAL";
sourceUpdateTime?: Date;
windowsDetails?: WindowsDetail[];
}

§Properties

§
cvssScore?: number
[src]

The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10 where 0 indicates low severity and 10 indicates high severity.

§
cvssV2?: CVSS
[src]

The full description of the v2 CVSS for this vulnerability.

§
cvssV3?: CVSSv3
[src]

The full description of the CVSSv3 for this vulnerability.

§
cvssVersion?: "CVSS_VERSION_UNSPECIFIED" | "CVSS_VERSION_2" | "CVSS_VERSION_3"
[src]

CVSS version used to populate cvss_score and severity.

§
details?: Detail[]
[src]

Details of all known distros and packages affected by this vulnerability.

§
severity?: "SEVERITY_UNSPECIFIED" | "MINIMAL" | "LOW" | "MEDIUM" | "HIGH" | "CRITICAL"
[src]

The note provider assigned severity of this vulnerability.

§
sourceUpdateTime?: Date
[src]

The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.

§
windowsDetails?: WindowsDetail[]
[src]

Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.