Type Alias VulnerabilityAnalysis

VulnerabilityAnalysis: Message<"cyclonedx.v1_5.VulnerabilityAnalysis"> & {
    detail?: string;
    firstIssued?: Timestamp;
    justification?: cdx_15.ImpactAnalysisJustification;
    lastUpdated?: Timestamp;
    response: cdx_15.VulnerabilityResponse[];
    state?: cdx_15.ImpactAnalysisState;
}

Optionaldetail?: string
Detailed description of the impact including methods used during assessment. If a vulnerability is not exploitable, this field should include specific details on why the component or service is not impacted by this vulnerability.

Generated
from field: optional string detail = 4;
OptionalfirstIssued?: Timestamp
The date and time (timestamp) when the analysis was first issued.

Generated
from field: optional google.protobuf.Timestamp firstIssued = 5;
Optionaljustification?: cdx_15.ImpactAnalysisJustification
The rationale of why the impact analysis state was asserted.

Generated
from field: optional cyclonedx.v1_5.ImpactAnalysisJustification justification = 2;
OptionallastUpdated?: Timestamp
The date and time (timestamp) when the analysis was last updated.

Generated
from field: optional google.protobuf.Timestamp lastUpdated = 6;
response: cdx_15.VulnerabilityResponse[]
A response to the vulnerability by the manufacturer, supplier, or project responsible for the affected component or service. More than one response is allowed. Responses are strongly encouraged for vulnerabilities where the analysis state is exploitable.

Generated
from field: repeated cyclonedx.v1_5.VulnerabilityResponse response = 3;
Optionalstate?: cdx_15.ImpactAnalysisState
Declares the current state of an occurrence of a vulnerability, after automated or manual analysis.

Generated
from field: optional cyclonedx.v1_5.ImpactAnalysisState state = 1;

from message cyclonedx.v1_5.VulnerabilityAnalysis