scaVulnerability
Details of a Software Composition Analysis (SCA) vulnerability.
Examples
type SCAVulnerability {
  issueId: String
  oxSeverity: String
  severityNumberFromTool: String
  severityFromTool: String
  cve: String
  cveLink: String
  cvsVer: String
  cvssVersion: Float
  epss: Float
  percentile: Float
  libName: String
  dependencyChain: String
  libVersion: String
  chainDepth: Int
  exploitInTheWild: Boolean
  exploitInTheWildLink: String
  description: String
  dateDiscovered: String
  minorVerWithFix: String
  majorVerWithFix: String
  exploitRequirement: String
  exploitCode: String
  originalSeverity: String
}
Fields
issueId String
ID of the related issue
oxSeverity String
Severity according to the OX scoring system
severityNumberFromTool String
Severity number as reported by the scanning tool
severityFromTool String
Severity description as reported by the scanning tool
cve String
CVE identifier
cveLink String
URL link to detailed CVE information
cvsVer String
Version of the CVSS standard used
cvssVersion Float
Version number of the CVSS standard used
epss Float
Exploit Prediction Scoring System (EPSS) score
percentile Float
Percentile ranking of the vulnerability
libName String
Name of the vulnerable library
dependencyChain String
Dependency chain leading to the vulnerable library
libVersion String
Version of the vulnerable library
chainDepth Int
Depth level in the dependency chain
exploitInTheWild Boolean
Indicates if an exploit exists in the wild
exploitInTheWildLink String
URL to exploit details if available
description String
Description of the vulnerability
dateDiscovered String
Date when the vulnerability was discovered
minorVerWithFix String
Minor version of the library that includes a fix
majorVerWithFix String
Major version of the library that includes a fix
exploitRequirement String
Requirements for exploiting the vulnerability
exploitCode String
Code or technique used for exploit
originalSeverity String
Original severity rating of the vulnerability