vulnerabilities
Creates, updates, deletes, gets or lists a vulnerabilities resource.
Overview
| Name | vulnerabilities |
| Type | Resource |
| Id | google.ondemandscanning.vulnerabilities |
Fields
| Name | Datatype | Description |
|---|---|---|
name | string | Output only. The name of the occurrence in the form of projects/[PROJECT_ID]/occurrences/[OCCURRENCE_ID]. |
attestation | object | Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign. |
build | object | Details of a build occurrence. |
compliance | object | An indication that the compliance checks in the associated ComplianceNote were not satisfied for particular resources or a specified reason. |
createTime | string | Output only. The time this occurrence was created. |
deployment | object | The period during which some deployable was active in a runtime. |
discovery | object | Provides information about the analysis status of a discovered resource. |
dsseAttestation | object | Deprecated. Prefer to use a regular Occurrence, and populate the Envelope at the top level of the Occurrence. |
envelope | object | MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. |
image | object | Details of the derived image portion of the DockerImage relationship. This image would be produced from a Dockerfile with FROM . |
kind | string | Output only. This explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests. |
noteName | string | Required. Immutable. The analysis note associated with this occurrence, in the form of projects/[PROVIDER_ID]/notes/[NOTE_ID]. This field can be used as a filter in list requests. |
package | object | Details on how a particular software package was installed on a system. |
remediation | string | A description of actions that can be taken to remedy the note. |
resourceUri | string | Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, https://gcr.io/project/image@sha256:123abc for a Docker image. |
sbomReference | object | The occurrence representing an SBOM reference as applied to a specific resource. The occurrence follows the DSSE specification. See https://github.com/secure-systems-lab/dsse/blob/master/envelope.md for more details. |
updateTime | string | Output only. The time this occurrence was last updated. |
upgrade | object | An Upgrade Occurrence represents that a specific resource_url could install a specific upgrade. This presence is supplied via local sources (i.e. it is present in the mirror and the running system has noticed its availability). For Windows, both distribution and windows_update contain information for the Windows update. |
vulnerability | object | An occurrence of a severity vulnerability on a resource. |
Methods
| Name | Accessible by | Required Params | Description |
|---|---|---|---|
list | SELECT | locationsId, projectsId, scansId | Lists vulnerabilities resulting from a successfully completed scan. |
SELECT examples
Lists vulnerabilities resulting from a successfully completed scan.
SELECT
name,
attestation,
build,
compliance,
createTime,
deployment,
discovery,
dsseAttestation,
envelope,
image,
kind,
noteName,
package,
remediation,
resourceUri,
sbomReference,
updateTime,
upgrade,
vulnerability
FROM google.ondemandscanning.vulnerabilities
WHERE locationsId = '{{ locationsId }}'
AND projectsId = '{{ projectsId }}'
AND scansId = '{{ scansId }}';