search
Book a demo

scaVulnerability

Details of a Software Composition Analysis (SCA) vulnerability.

hashtag
Examples

type SCAVulnerability {
  issueId: String
  oxSeverity: String
  severityNumberFromTool: String
  severityFromTool: String
  cve: String
  cveLink: String
  cvsVer: String
  cvssVersion: Float
  epss: Float
  percentile: Float
  libName: String
  dependencyChain: String
  runtimeStatus: String
  libVersion: String
  chainDepth: Int
  exploitInTheWild: Boolean
  exploitInTheWildLink: String
  description: String
  dateDiscovered: String
  minorVerWithFix: String
  majorVerWithFix: String
  exploitRequirement: String
  exploitCode: String
  originalSeverity: String
}

hashtag
Fields

Field
Description
Supported fields

issueId String

ID of the related issue

oxSeverity String

Severity according to the OX scoring system

severityNumberFromTool String

Severity number as reported by the scanning tool

severityFromTool String

Severity description as reported by the scanning tool

cve String

CVE identifier

cveLink String

URL link to detailed CVE information

cvsVer String

Version of the CVS standard used

cvssVersion Float

Version number of the CVSS standard used

epss Float

Exploit Prediction Scoring System (EPSS) score

percentile Float

Percentile ranking of the vulnerability

libName String

Name of the vulnerable library

dependencyChain String

Dependency chain leading to the vulnerable library

runtimeStatus String

Runtime status of the library

libVersion String

Version of the vulnerable library

chainDepth Int

Depth level in the dependency chain

exploitInTheWild Boolean

Indicates if an exploit exists in the wild

exploitInTheWildLink String

URL to exploit details if available

description String

Description of the vulnerability

dateDiscovered String

Date when the vulnerability was discovered

minorVerWithFix String

Minor version of the library that includes a fix

majorVerWithFix String

Major version of the library that includes a fix

exploitRequirement String

Requirements for exploiting the vulnerability

exploitCode String

Code or technique used for exploit

originalSeverity String

Original severity rating of the vulnerability

hashtag
References

hashtag
Fields with this object:

Last updated