Chiebot-Mirror
/
googleapis
8
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Synchronize new proto/yaml changes.

Browse Source 
PiperOrigin-RevId: 254446031
pull/566/head
Google APIs 6 years ago committed by Copybara-Service
parent c9546320bb
commit de1150ccad
1 changed files with 36 additions and 19 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 55
      grafeas/v1/vulnerability.proto

55
grafeas/v1/vulnerability.proto
Unescape View File

@ -73,25 +73,42 @@ message VulnerabilityNote {
// Required. The package this vulnerability affects.
string affected_package = 5;
// Required. The minimum version of the package this vulnerability affects.
grafeas.v1.Version min_affected_version = 6;
// The [CPE URI](https://cpe.mitre.org/specification/) this vulnerability
// was fixed in. It is possible for this to be different from the
// affected_cpe_uri.
string fixed_cpe_uri = 7;
// The package this vulnerability was fixed in. It is possible for this to
// be different from the affected_package.
string fixed_package = 8;
// Required. The version of the package this vulnerability was fixed in.
// Setting this to VersionKind.MAXIMUM means no fix is yet available.
grafeas.v1.Version fixed_version = 9;
// The version number at the start of an interval in which this
// vulnerability exists. A vulnerability can affect a package between
// version numbers that are disjoint sets of intervals (example:
// [1.0.0-1.1.0], [2.4.6-2.4.8] and [4.5.6-4.6.8]) each of which will be
// represented in its own Detail. If a specific affected version is provided
// by a vulnerability database, affected_version_start and
// affected_version_end will be the same in that Detail.
grafeas.v1.Version affected_version_start = 6;
// The version number at the end of an interval in which this vulnerability
// exists. A vulnerability can affect a package between version numbers
// that are disjoint sets of intervals (example: [1.0.0-1.1.0],
// [2.4.6-2.4.8] and [4.5.6-4.6.8]) each of which will be represented in its
// own Detail. If a specific affected version is provided by a vulnerability
// database, affected_version_start and affected_version_end will be the
// same in that Detail.
grafeas.v1.Version affected_version_end = 7;
// The distro recommended [CPE URI](https://cpe.mitre.org/specification/)
// to update to that contains a fix for this vulnerability. It is possible
// for this to be different from the affected_cpe_uri.
string fixed_cpe_uri = 8;
// The distro recommended package to update to that contains a fix for this
// vulnerability. It is possible for this to be different from the
// affected_package.
string fixed_package = 9;
// The distro recommended version to update to that contains a
// fix for this vulnerability. Setting this to VersionKind.MAXIMUM means no
// such version is yet available.
grafeas.v1.Version fixed_version = 10;
// Whether this detail is obsolete. Occurrences are expected not to point to
// obsolete details.
bool is_obsolete = 10;
bool is_obsolete = 11;
}
// The full description of the CVSSv3 for this vulnerability.
@ -158,9 +175,9 @@ message VulnerabilityOccurrence {
// Required. The package this vulnerability was found in.
string affected_package = 2;
// Required. The minimum version of the package this vulnerability exists
// in.
grafeas.v1.Version min_affected_version = 3;
// Required. The version of the package that is installed on the resource
// affected by this vulnerability.
grafeas.v1.Version affected_version = 3;
// The [CPE URI](https://cpe.mitre.org/specification/) this vulnerability
// was fixed in. It is possible for this to be different from the

Write Preview
Loading…
Cancel
Save