Class: Google::Cloud::OsConfig::V1::VulnerabilityReport

Inherits:
Object
  • Object
show all
Extended by:
Protobuf::MessageExts::ClassMethods
Includes:
Protobuf::MessageExts
Defined in:
proto_docs/google/cloud/osconfig/v1/vulnerability.rb

Overview

This API resource represents the vulnerability report for a specified Compute Engine virtual machine (VM) instance at a given point in time.

For more information, see Vulnerability reports.

Defined Under Namespace

Classes: Vulnerability

Instance Attribute Summary collapse

Instance Attribute Details

#name::String (readonly) 



42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
 
# File 'proto_docs/google/cloud/osconfig/v1/vulnerability.rb', line 42

class VulnerabilityReport
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # A vulnerability affecting the VM instance.
  # @!attribute [rw] details
  #   @return [::Google::Cloud::OsConfig::V1::VulnerabilityReport::Vulnerability::Details]
  #     Contains metadata as per the upstream feed of the operating system and
  #     NVD.
  # @!attribute [rw] installed_inventory_item_ids
  #   @deprecated This field is deprecated and may be removed in the next major version update.
  #   @return [::Array<::String>]
  #     Corresponds to the `INSTALLED_PACKAGE` inventory item on the VM.
  #     This field displays the inventory items affected by this vulnerability.
  #     If the vulnerability report was not updated after the VM inventory
  #     update, these values might not display in VM inventory. For some distros,
  #     this field may be empty.
  # @!attribute [rw] available_inventory_item_ids
  #   @deprecated This field is deprecated and may be removed in the next major version update.
  #   @return [::Array<::String>]
  #     Corresponds to the `AVAILABLE_PACKAGE` inventory item on the VM.
  #     If the vulnerability report was not updated after the VM inventory
  #     update, these values might not display in VM inventory. If there is no
  #     available fix, the field is empty. The `inventory_item` value specifies
  #     the latest `SoftwarePackage` available to the VM that fixes the
  #     vulnerability.
  # @!attribute [rw] create_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The timestamp for when the vulnerability was first detected.
  # @!attribute [rw] update_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The timestamp for when the vulnerability was last modified.
  # @!attribute [rw] items
  #   @return [::Array<::Google::Cloud::OsConfig::V1::VulnerabilityReport::Vulnerability::Item>]
  #     List of items affected by the vulnerability.
  class Vulnerability
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Contains metadata information for the vulnerability. This information is
    # collected from the upstream feed of the operating system.
    # @!attribute [rw] cve
    #   @return [::String]
    #     The CVE of the vulnerability. CVE cannot be
    #     empty and the combination of <cve, classification> should be unique
    #     across vulnerabilities for a VM.
    # @!attribute [rw] cvss_v2_score
    #   @return [::Float]
    #     The CVSS V2 score of this vulnerability. CVSS V2 score is on a scale of
    #     0 - 10 where 0 indicates low severity and 10 indicates high severity.
    # @!attribute [rw] cvss_v3
    #   @return [::Google::Cloud::OsConfig::V1::CVSSv3]
    #     The full description of the CVSSv3 for this vulnerability from NVD.
    # @!attribute [rw] severity
    #   @return [::String]
    #     Assigned severity/impact ranking from the distro.
    # @!attribute [rw] description
    #   @return [::String]
    #     The note or description describing the vulnerability from the distro.
    # @!attribute [rw] references
    #   @return [::Array<::Google::Cloud::OsConfig::V1::VulnerabilityReport::Vulnerability::Details::Reference>]
    #     Corresponds to the references attached to the `VulnerabilityDetails`.
    class Details
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods

      # A reference for this vulnerability.
      # @!attribute [rw] url
      #   @return [::String]
      #     The url of the reference.
      # @!attribute [rw] source
      #   @return [::String]
      #     The source of the reference e.g. NVD.
      class Reference
        include ::Google::Protobuf::MessageExts
        extend ::Google::Protobuf::MessageExts::ClassMethods
      end
    end

    # OS inventory item that is affected by a vulnerability or fixed as a
    # result of a vulnerability.
    # @!attribute [rw] installed_inventory_item_id
    #   @return [::String]
    #     Corresponds to the `INSTALLED_PACKAGE` inventory item on the VM.
    #     This field displays the inventory items affected by this vulnerability.
    #     If the vulnerability report was not updated after the VM inventory
    #     update, these values might not display in VM inventory. For some
    #     operating systems, this field might be empty.
    # @!attribute [rw] available_inventory_item_id
    #   @return [::String]
    #     Corresponds to the `AVAILABLE_PACKAGE` inventory item on the VM.
    #     If the vulnerability report was not updated after the VM inventory
    #     update, these values might not display in VM inventory. If there is no
    #     available fix, the field is empty. The `inventory_item` value specifies
    #     the latest `SoftwarePackage` available to the VM that fixes the
    #     vulnerability.
    # @!attribute [rw] fixed_cpe_uri
    #   @return [::String]
    #     The recommended [CPE URI](https://cpe.mitre.org/specification/) update
    #     that contains a fix for this vulnerability.
    # @!attribute [rw] upstream_fix
    #   @return [::String]
    #     The upstream OS patch, packages or KB that fixes the vulnerability.
    class Item
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods
    end
  end
end

#update_time::Google::Protobuf::Timestamp (readonly) 



42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
 
# File 'proto_docs/google/cloud/osconfig/v1/vulnerability.rb', line 42

class VulnerabilityReport
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # A vulnerability affecting the VM instance.
  # @!attribute [rw] details
  #   @return [::Google::Cloud::OsConfig::V1::VulnerabilityReport::Vulnerability::Details]
  #     Contains metadata as per the upstream feed of the operating system and
  #     NVD.
  # @!attribute [rw] installed_inventory_item_ids
  #   @deprecated This field is deprecated and may be removed in the next major version update.
  #   @return [::Array<::String>]
  #     Corresponds to the `INSTALLED_PACKAGE` inventory item on the VM.
  #     This field displays the inventory items affected by this vulnerability.
  #     If the vulnerability report was not updated after the VM inventory
  #     update, these values might not display in VM inventory. For some distros,
  #     this field may be empty.
  # @!attribute [rw] available_inventory_item_ids
  #   @deprecated This field is deprecated and may be removed in the next major version update.
  #   @return [::Array<::String>]
  #     Corresponds to the `AVAILABLE_PACKAGE` inventory item on the VM.
  #     If the vulnerability report was not updated after the VM inventory
  #     update, these values might not display in VM inventory. If there is no
  #     available fix, the field is empty. The `inventory_item` value specifies
  #     the latest `SoftwarePackage` available to the VM that fixes the
  #     vulnerability.
  # @!attribute [rw] create_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The timestamp for when the vulnerability was first detected.
  # @!attribute [rw] update_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The timestamp for when the vulnerability was last modified.
  # @!attribute [rw] items
  #   @return [::Array<::Google::Cloud::OsConfig::V1::VulnerabilityReport::Vulnerability::Item>]
  #     List of items affected by the vulnerability.
  class Vulnerability
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Contains metadata information for the vulnerability. This information is
    # collected from the upstream feed of the operating system.
    # @!attribute [rw] cve
    #   @return [::String]
    #     The CVE of the vulnerability. CVE cannot be
    #     empty and the combination of <cve, classification> should be unique
    #     across vulnerabilities for a VM.
    # @!attribute [rw] cvss_v2_score
    #   @return [::Float]
    #     The CVSS V2 score of this vulnerability. CVSS V2 score is on a scale of
    #     0 - 10 where 0 indicates low severity and 10 indicates high severity.
    # @!attribute [rw] cvss_v3
    #   @return [::Google::Cloud::OsConfig::V1::CVSSv3]
    #     The full description of the CVSSv3 for this vulnerability from NVD.
    # @!attribute [rw] severity
    #   @return [::String]
    #     Assigned severity/impact ranking from the distro.
    # @!attribute [rw] description
    #   @return [::String]
    #     The note or description describing the vulnerability from the distro.
    # @!attribute [rw] references
    #   @return [::Array<::Google::Cloud::OsConfig::V1::VulnerabilityReport::Vulnerability::Details::Reference>]
    #     Corresponds to the references attached to the `VulnerabilityDetails`.
    class Details
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods

      # A reference for this vulnerability.
      # @!attribute [rw] url
      #   @return [::String]
      #     The url of the reference.
      # @!attribute [rw] source
      #   @return [::String]
      #     The source of the reference e.g. NVD.
      class Reference
        include ::Google::Protobuf::MessageExts
        extend ::Google::Protobuf::MessageExts::ClassMethods
      end
    end

    # OS inventory item that is affected by a vulnerability or fixed as a
    # result of a vulnerability.
    # @!attribute [rw] installed_inventory_item_id
    #   @return [::String]
    #     Corresponds to the `INSTALLED_PACKAGE` inventory item on the VM.
    #     This field displays the inventory items affected by this vulnerability.
    #     If the vulnerability report was not updated after the VM inventory
    #     update, these values might not display in VM inventory. For some
    #     operating systems, this field might be empty.
    # @!attribute [rw] available_inventory_item_id
    #   @return [::String]
    #     Corresponds to the `AVAILABLE_PACKAGE` inventory item on the VM.
    #     If the vulnerability report was not updated after the VM inventory
    #     update, these values might not display in VM inventory. If there is no
    #     available fix, the field is empty. The `inventory_item` value specifies
    #     the latest `SoftwarePackage` available to the VM that fixes the
    #     vulnerability.
    # @!attribute [rw] fixed_cpe_uri
    #   @return [::String]
    #     The recommended [CPE URI](https://cpe.mitre.org/specification/) update
    #     that contains a fix for this vulnerability.
    # @!attribute [rw] upstream_fix
    #   @return [::String]
    #     The upstream OS patch, packages or KB that fixes the vulnerability.
    class Item
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods
    end
  end
end

#vulnerabilities::Array<::Google::Cloud::OsConfig::V1::VulnerabilityReport::Vulnerability> (readonly) 



42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
 
# File 'proto_docs/google/cloud/osconfig/v1/vulnerability.rb', line 42

class VulnerabilityReport
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # A vulnerability affecting the VM instance.
  # @!attribute [rw] details
  #   @return [::Google::Cloud::OsConfig::V1::VulnerabilityReport::Vulnerability::Details]
  #     Contains metadata as per the upstream feed of the operating system and
  #     NVD.
  # @!attribute [rw] installed_inventory_item_ids
  #   @deprecated This field is deprecated and may be removed in the next major version update.
  #   @return [::Array<::String>]
  #     Corresponds to the `INSTALLED_PACKAGE` inventory item on the VM.
  #     This field displays the inventory items affected by this vulnerability.
  #     If the vulnerability report was not updated after the VM inventory
  #     update, these values might not display in VM inventory. For some distros,
  #     this field may be empty.
  # @!attribute [rw] available_inventory_item_ids
  #   @deprecated This field is deprecated and may be removed in the next major version update.
  #   @return [::Array<::String>]
  #     Corresponds to the `AVAILABLE_PACKAGE` inventory item on the VM.
  #     If the vulnerability report was not updated after the VM inventory
  #     update, these values might not display in VM inventory. If there is no
  #     available fix, the field is empty. The `inventory_item` value specifies
  #     the latest `SoftwarePackage` available to the VM that fixes the
  #     vulnerability.
  # @!attribute [rw] create_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The timestamp for when the vulnerability was first detected.
  # @!attribute [rw] update_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The timestamp for when the vulnerability was last modified.
  # @!attribute [rw] items
  #   @return [::Array<::Google::Cloud::OsConfig::V1::VulnerabilityReport::Vulnerability::Item>]
  #     List of items affected by the vulnerability.
  class Vulnerability
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Contains metadata information for the vulnerability. This information is
    # collected from the upstream feed of the operating system.
    # @!attribute [rw] cve
    #   @return [::String]
    #     The CVE of the vulnerability. CVE cannot be
    #     empty and the combination of <cve, classification> should be unique
    #     across vulnerabilities for a VM.
    # @!attribute [rw] cvss_v2_score
    #   @return [::Float]
    #     The CVSS V2 score of this vulnerability. CVSS V2 score is on a scale of
    #     0 - 10 where 0 indicates low severity and 10 indicates high severity.
    # @!attribute [rw] cvss_v3
    #   @return [::Google::Cloud::OsConfig::V1::CVSSv3]
    #     The full description of the CVSSv3 for this vulnerability from NVD.
    # @!attribute [rw] severity
    #   @return [::String]
    #     Assigned severity/impact ranking from the distro.
    # @!attribute [rw] description
    #   @return [::String]
    #     The note or description describing the vulnerability from the distro.
    # @!attribute [rw] references
    #   @return [::Array<::Google::Cloud::OsConfig::V1::VulnerabilityReport::Vulnerability::Details::Reference>]
    #     Corresponds to the references attached to the `VulnerabilityDetails`.
    class Details
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods

      # A reference for this vulnerability.
      # @!attribute [rw] url
      #   @return [::String]
      #     The url of the reference.
      # @!attribute [rw] source
      #   @return [::String]
      #     The source of the reference e.g. NVD.
      class Reference
        include ::Google::Protobuf::MessageExts
        extend ::Google::Protobuf::MessageExts::ClassMethods
      end
    end

    # OS inventory item that is affected by a vulnerability or fixed as a
    # result of a vulnerability.
    # @!attribute [rw] installed_inventory_item_id
    #   @return [::String]
    #     Corresponds to the `INSTALLED_PACKAGE` inventory item on the VM.
    #     This field displays the inventory items affected by this vulnerability.
    #     If the vulnerability report was not updated after the VM inventory
    #     update, these values might not display in VM inventory. For some
    #     operating systems, this field might be empty.
    # @!attribute [rw] available_inventory_item_id
    #   @return [::String]
    #     Corresponds to the `AVAILABLE_PACKAGE` inventory item on the VM.
    #     If the vulnerability report was not updated after the VM inventory
    #     update, these values might not display in VM inventory. If there is no
    #     available fix, the field is empty. The `inventory_item` value specifies
    #     the latest `SoftwarePackage` available to the VM that fixes the
    #     vulnerability.
    # @!attribute [rw] fixed_cpe_uri
    #   @return [::String]
    #     The recommended [CPE URI](https://cpe.mitre.org/specification/) update
    #     that contains a fix for this vulnerability.
    # @!attribute [rw] upstream_fix
    #   @return [::String]
    #     The upstream OS patch, packages or KB that fixes the vulnerability.
    class Item
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods
    end
  end
end