A detail for a distro and package affected by this vulnerability and its associated fix (if one is available).

Attributes

• affectedCpeUri (type: String.t, default: nil) - Required. The CPE URI this vulnerability affects.
• affectedPackage (type: String.t, default: nil) - Required. The package this vulnerability affects.
• affectedVersionEnd (type: GoogleApi.ContainerAnalysis.V1.Model.Version.t, default: nil) - The version number at the end of an interval in which this vulnerability exists. A vulnerability can affect a package between version numbers that are disjoint sets of intervals (example: [1.0.0-1.1.0], [2.4.6-2.4.8] and [4.5.6-4.6.8]) each of which will be represented in its own Detail. If a specific affected version is provided by a vulnerability database, affected_version_start and affected_version_end will be the same in that Detail.
• affectedVersionStart (type: GoogleApi.ContainerAnalysis.V1.Model.Version.t, default: nil) - The version number at the start of an interval in which this vulnerability exists. A vulnerability can affect a package between version numbers that are disjoint sets of intervals (example: [1.0.0-1.1.0], [2.4.6-2.4.8] and [4.5.6-4.6.8]) each of which will be represented in its own Detail. If a specific affected version is provided by a vulnerability database, affected_version_start and affected_version_end will be the same in that Detail.
• description (type: String.t, default: nil) - A vendor-specific description of this vulnerability.
• fixedCpeUri (type: String.t, default: nil) - The distro recommended CPE URI to update to that contains a fix for this vulnerability. It is possible for this to be different from the affected_cpe_uri.
• fixedPackage (type: String.t, default: nil) - The distro recommended package to update to that contains a fix for this vulnerability. It is possible for this to be different from the affected_package.
• fixedVersion (type: GoogleApi.ContainerAnalysis.V1.Model.Version.t, default: nil) - The distro recommended version to update to that contains a fix for this vulnerability. Setting this to VersionKind.MAXIMUM means no such version is yet available.
• isObsolete (type: boolean(), default: nil) - Whether this detail is obsolete. Occurrences are expected not to point to obsolete details.
• packageType (type: String.t, default: nil) - The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
• severityName (type: String.t, default: nil) - The distro assigned severity of this vulnerability.
• source (type: String.t, default: nil) - The source from which the information in this Detail was obtained.
• sourceUpdateTime (type: DateTime.t, default: nil) - The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.
• vendor (type: String.t, default: nil) - The name of the vendor of the product.