Data related to a specific vulnerability in the specific workspace where that vulnerability is present. Must specify at least one association.

interface Vulnerability {
    associations?: {}[];
    containerId: string;
    description: string;
    displayName: string;
    id: string;
    identifiers?: {
        displayName: string;
        url: string;
    }[];
    introducedDate: string;
    lastUpdated: string;
    schemaVersion: string;
    severity: {
        level: string;
    };
    status: string;
    type: string;
    updateSequenceNumber: number;
    url: string;
}

Properties

associations?: {}[]

The entities to associate the Security Vulnerability information with.

Type declaration

    containerId: string

    The identifier of the Container where this Vulnerability was found. Must be unique for a given Provider.

    description: string

    A description of the issue in Markdown format. Will be shown in the UI and used when creating Jira Issues.

    displayName: string

    The human-readable name for the Vulnerability. Will be shown in the UI.

    If not provided, will use the ID for display.

    id: string

    The identifier for the Vulnerability. Must be unique for a given Provider.

    identifiers?: {
        displayName: string;
        url: string;
    }[]

    The identifying information for the Vulnerability.

    Type declaration

    • displayName: string

      The display name of the Vulnerability identified.

    • url: string

      A URL users can use to link to the definition of the Vulnerability identified.

    introducedDate: string

    The timestamp to present to the user that shows when the Vulnerability was introduced.

    Expected format is an RFC3339 formatted string.

    lastUpdated: string

    The timestamp to present to the user that shows when the Vulnerability was last updated.

    Expected format is an RFC3339 formatted string.

    schemaVersion: string

    The VulnerabilityData schema version used for this vulnerability data.

    Placeholder to support potential schema changes in the future.

    severity: {
        level: string;
    }

    Severity information for a single Vulnerability.

    This is the severity information that will be presented to the user on e.g. the Jira Security screen.

    Type declaration

    • level: string

      The severity level of the Vulnerability.

    status: string

    The current status of the Vulnerability.

    type: string

    The type of Vulnerability detected.

    updateSequenceNumber: number

    An ID used to apply an ordering to updates for this Vulnerability in the case of out-of-order receipt of update requests.

    This can be any monotonically increasing number. A suggested implementation is to use epoch millis from the Provider system, but other alternatives are valid (e.g. a Provider could store a counter against each Vulnerability and increment that on each update to Jira).

    Updates for a Vulnerability that are received with an updateSequenceNumber lower than what is currently stored will be ignored.
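
The ordering rule above, as an added example (not code from this page or from Jira): a provider-side source of strictly increasing `updateSequenceNumber` values built on epoch millis, and a model of the receiver ignoring stale updates that arrive late. `SequenceSource`, `VulnStore`, `demo`, the id and the status values are hypothetical names and constructed sample data.

```typescript
// Added example: only the Vulnerability fields that matter for ordering.
type VulnUpdate = { id: string; status: string; updateSequenceNumber: number };

// Provider side: strictly increasing sequence numbers per Vulnerability id.
// Epoch millis is the base (as the page suggests); the max() guard keeps the value
// increasing when two updates share a millisecond or the clock steps backwards.
class SequenceSource {
  private last = new Map<string, number>();
  private now: () => number;
  constructor(now: () => number = Date.now) { this.now = now; }
  next(id: string): number {
    const seq = Math.max(this.now(), (this.last.get(id) ?? 0) + 1);
    this.last.set(id, seq);
    return seq;
  }
}

// Receiver side, modelled from the rule on this page: an update whose
// updateSequenceNumber is lower than the stored one is ignored.
// (The page does not cover equal numbers; this sketch lets them through.)
class VulnStore {
  private byId = new Map<string, VulnUpdate>();
  apply(u: VulnUpdate): "applied" | "ignored" {
    const cur = this.byId.get(u.id);
    if (cur !== undefined && u.updateSequenceNumber < cur.updateSequenceNumber) return "ignored";
    this.byId.set(u.id, u);
    return "applied";
  }
  status(id: string): string | undefined {
    return this.byId.get(id)?.status;
  }
}

// Constructed scenario: the clock reads 1000, 1000, 990 (same millisecond, then a step back).
function demo(): { seqs: number[]; results: string[]; finalStatus: string | undefined } {
  const ticks = [1000, 1000, 990];
  const src = new SequenceSource(() => ticks.shift() ?? 0);
  const id = "vuln-example-1"; // constructed id
  const mk = (status: string): VulnUpdate => ({ id, status, updateSequenceNumber: src.next(id) });
  const first = mk("open"), second = mk("open"), third = mk("closed"); // constructed statuses
  const store = new VulnStore();
  // Deliver out of order: the newest update arrives first, the older two afterwards.
  const results = [third, first, second].map((u) => store.apply(u));
  return { seqs: [first, second, third].map((u) => u.updateSequenceNumber), results, finalStatus: store.status(id) };
}
```

Using raw epoch millis without the guard would give the first two updates the same number and the third a lower one, so the final "closed" state would be the update that gets ignored.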

    url: string

    A URL users can use to link to a summary view of this vulnerability, if appropriate.

    This could be any location that makes sense in the Provider system (e.g. if the summary information comes from a specific project, it might make sense to link the user to the vulnerability in that project).