| `description` | String | Description of the vulnerability |
| `id` | ID! | GraphQL ID of the vulnerability |
| `location` | JSON | The JSON location metadata for the vulnerability. Its format depends on the type of the security scan that found the vulnerability |
| `location` | VulnerabilityLocation | Location metadata for the vulnerability. Its fields depend on the type of security scan that found the vulnerability |
| `project` | Project | The project on which the vulnerability was found |
| `reportType` | VulnerabilityReportType | Type of the security report that found the vulnerability (SAST, DEPENDENCY_SCANNING, CONTAINER_SCANNING, DAST) |
| `severity` | VulnerabilitySeverity | Severity of the vulnerability (INFO, UNKNOWN, LOW, MEDIUM, HIGH, CRITICAL) |
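Review bot: The `location` row typed `VulnerabilityLocation` does not say which concrete types the field can resolve to, and it sits next to a row of the same name typed `JSON`, so a reader of this table cannot tell how to select fields on it. Suggest naming the member types in the description (one per `reportType` value: SAST, DEPENDENCY_SCANNING, CONTAINER_SCANNING, DAST). If the `JSON` row is the one being replaced, the type change also deserves a note for existing API consumers, since a query that selects `location` as a scalar will not validate once the field returns an object type.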
...
...
@@ -1641,6 +1641,48 @@ Represents a vulnerability.
| `userPermissions` | VulnerabilityPermissions! | Permissions for the current user on the resource |
| `vulnerabilityPath` | String | URL to the vulnerability's details page |
## VulnerabilityLocationContainerScanning
Represents the location of a vulnerability found by a container security scan
| Name | Type | Description |
| --- | ---- | ---------- |
| `dependency` | VulnerableDependency | Dependency containing the vulnerability |
| `image` | String | Name of the vulnerable container image |
| `operatingSystem` | String | Operating system that runs on the vulnerable container image |
## VulnerabilityLocationDast
Represents the location of a vulnerability found by a DAST scan
| Name | Type | Description |
| --- | ---- | ---------- |
| `hostname` | String | Domain name of the vulnerable request |
| `param` | String | Query parameter for the URL on which the vulnerability occurred |
| `path` | String | URL path and query string of the vulnerable request |
| `requestMethod` | String | HTTP method of the vulnerable request |
## VulnerabilityLocationDependencyScanning
Represents the location of a vulnerability found by a dependency security scan
| Name | Type | Description |
| --- | ---- | ---------- |
| `dependency` | VulnerableDependency | Dependency containing the vulnerability |
| `file` | String | Path to the vulnerable file |
## VulnerabilityLocationSast
Represents the location of a vulnerability found by a SAST scan
| Name | Type | Description |
| --- | ---- | ---------- |
| `endLine` | String | Number of the last relevant line in the vulnerable file |
| `file` | String | Path to the vulnerable file |
| `startLine` | String | Number of the first relevant line in the vulnerable file |
| `vulnerableClass` | String | Class containing the vulnerability |
| `vulnerableMethod` | String | Method containing the vulnerability |
## VulnerabilityPermissions
Check permissions for the current user on a vulnerability
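Review bot: In the `VulnerabilityLocationSast` table, `startLine` and `endLine` are typed `String` while both descriptions say "Number of the ... relevant line in the vulnerable file". Clients that sort or compare findings by line will have to parse these values, and the docs do not say what format to expect. Suggest either typing the two fields as `Int` or stating in the description why they are strings and what they can contain. Minor style point on the same hunk: the new type descriptions ("Represents the location of a vulnerability found by ...") have no trailing period, while the existing "Represents a vulnerability." shown in the hunk header does.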
...
...
@@ -1668,3 +1710,20 @@ Represents vulnerability counts by severity
| `low` | Int | Number of vulnerabilities of LOW severity of the project |
| `medium` | Int | Number of vulnerabilities of MEDIUM severity of the project |
| `unknown` | Int | Number of vulnerabilities of UNKNOWN severity of the project |
## VulnerableDependency
Represents a vulnerable dependency. Used in vulnerability location data
| Name | Type | Description |
| --- | ---- | ---------- |
| `package` | VulnerablePackage | The package associated with the vulnerable dependency |
| `version` | String | The version of the vulnerable dependency |
## VulnerablePackage
Represents a vulnerable package. Used in vulnerability dependency data
| Name | Type | Description |
| --- | ---- | ---------- |
| `name` | String | The name of the vulnerable package |
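Review bot: `VulnerablePackage` documents only `name`, and `VulnerableDependency` adds only `version`, so nothing in these two tables identifies the package manager or ecosystem the name belongs to. A consumer matching findings against advisories cannot do that from a bare name and version string. Suggest either documenting a field for the package manager or stating in the `package` description that the ecosystem has to be inferred from the enclosing location (for example `file` in `VulnerabilityLocationDependencyScanning`, or `operatingSystem` in `VulnerabilityLocationContainerScanning`). Style point: these descriptions start with "The ..." while the location tables added in the previous hunk drop the article ("Dependency containing the vulnerability"); pick one form.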