GoogleApi.WebSecurityScanner.V1alpha.Model.Finding (google_api_web_security_scanner v0.19.0)

View Source

A Finding resource represents a vulnerability instance identified during a ScanRun.

Attributes

  • body (type: String.t, default: nil) - The body of the request that triggered the vulnerability.
  • description (type: String.t, default: nil) - The description of the vulnerability.
  • finalUrl (type: String.t, default: nil) - The URL where the browser lands when the vulnerability is detected.
  • findingType (type: String.t, default: nil) - The type of the Finding.
  • frameUrl (type: String.t, default: nil) - If the vulnerability was originated from nested IFrame, the immediate parent IFrame is reported.
  • fuzzedUrl (type: String.t, default: nil) - The URL produced by the server-side fuzzer and used in the request that triggered the vulnerability.
  • httpMethod (type: String.t, default: nil) - The http method of the request that triggered the vulnerability, in uppercase.
  • name (type: String.t, default: nil) - The resource name of the Finding. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'. The finding IDs are generated by the system.
  • outdatedLibrary (type: GoogleApi.WebSecurityScanner.V1alpha.Model.OutdatedLibrary.t, default: nil) - An addon containing information about outdated libraries.
  • reproductionUrl (type: String.t, default: nil) - The URL containing human-readable payload that user can leverage to reproduce the vulnerability.
  • trackingId (type: String.t, default: nil) - The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns.
  • violatingResource (type: GoogleApi.WebSecurityScanner.V1alpha.Model.ViolatingResource.t, default: nil) - An addon containing detailed information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc.
  • vulnerableHeaders (type: GoogleApi.WebSecurityScanner.V1alpha.Model.VulnerableHeaders.t, default: nil) - An addon containing information about vulnerable or missing HTTP headers.
  • vulnerableParameters (type: GoogleApi.WebSecurityScanner.V1alpha.Model.VulnerableParameters.t, default: nil) - An addon containing information about request parameters which were found to be vulnerable.
  • xss (type: GoogleApi.WebSecurityScanner.V1alpha.Model.Xss.t, default: nil) - An addon containing information reported for an XSS, if any.

Summary

Types

t()

Functions

decode(value, options)

Unwrap a decoded JSON object into its complex fields.

Types

t()

@type t() :: %GoogleApi.WebSecurityScanner.V1alpha.Model.Finding{
  body: String.t() | nil,
  description: String.t() | nil,
  finalUrl: String.t() | nil,
  findingType: String.t() | nil,
  frameUrl: String.t() | nil,
  fuzzedUrl: String.t() | nil,
  httpMethod: String.t() | nil,
  name: String.t() | nil,
  outdatedLibrary:
    GoogleApi.WebSecurityScanner.V1alpha.Model.OutdatedLibrary.t() | nil,
  reproductionUrl: String.t() | nil,
  trackingId: String.t() | nil,
  violatingResource:
    GoogleApi.WebSecurityScanner.V1alpha.Model.ViolatingResource.t() | nil,
  vulnerableHeaders:
    GoogleApi.WebSecurityScanner.V1alpha.Model.VulnerableHeaders.t() | nil,
  vulnerableParameters:
    GoogleApi.WebSecurityScanner.V1alpha.Model.VulnerableParameters.t() | nil,
  xss: GoogleApi.WebSecurityScanner.V1alpha.Model.Xss.t() | nil
}

Functions

decode(value, options)

@spec decode(struct(), keyword()) :: struct()

Unwrap a decoded JSON object into its complex fields.