GitHub API - Test Config

SecurityVulnerability [object]

An individual vulnerability within an Advisory

Attributes
advisory SecurityAdvisory

SecurityAdvisory [object]

A GitHub Security Advisory

Implements
Node
Attributes

The classification of the advisory

cvss CVSS

The CVSS associated with this advisory

CWEs associated with this Advisory

databaseId Int

Identifies the primary key from the database.

description String

This is a long plaintext description of the advisory

ghsaId String

The GitHub Security Advisory ID

id ID

The Node ID of the SecurityAdvisory object

A list of identifiers for this advisory

notificationsPermalink URI

The permalink for the advisory's dependabot alerts page

origin String

The organization that originated the advisory

permalink URI

The permalink for the advisory

publishedAt DateTime

When the advisory was published

A list of references for this advisory

The severity of the advisory

summary String

A short plaintext summary of the advisory

updatedAt DateTime

When the advisory was last updated

Vulnerabilities associated with this Advisory

withdrawnAt DateTime

When the advisory was withdrawn, if it has been withdrawn

API:
GitHub GraphQL API

The Advisory associated with this Vulnerability

firstPatchedVersion SecurityAdvisoryPackageVersion

SecurityAdvisoryPackageVersion [object]

An individual package version

Attributes
identifier String

The package name or version

The first version containing a fix for the vulnerability

package SecurityAdvisoryPackage

SecurityAdvisoryPackage [object]

An individual package

Attributes

The ecosystem the package belongs to, e.g. RUBYGEMS, NPM

name String

The package name

A description of the vulnerable package

severity SecurityAdvisorySeverity

SecurityAdvisorySeverity [enum]

Severity of the vulnerability.

Possible values
CRITICAL

Critical.

HIGH

High.

LOW

Low.

MODERATE

Moderate.

The severity of the vulnerability within this package

updatedAt DateTime

DateTime [scalar]

An ISO-8601 encoded UTC date string.

When the vulnerability was last updated

vulnerableVersionRange String

String [scalar]

The String scalar type represents textual data, represented as UTF-8 character sequences. The String type is most often used by GraphQL to represent free-form human-readable text.

A string that describes the vulnerable package versions.
This string follows a basic syntax with a few forms.

  • = 0.2.0 denotes a single vulnerable version.
  • <= 1.0.8 denotes a version range up to and including the specified version.
  • < 0.1.11 denotes a version range up to, but excluding, the specified version.
  • >= 4.3.0, < 4.3.5 denotes a version range with a known minimum and maximum version.
  • >= 0.0.1 denotes a version range with a known minimum, but no known maximum.
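
The following added example (not GitHub's code, and not part of the original reference) parses the vulnerableVersionRange forms listed above and checks an installed version against them. The function names are hypothetical, and it assumes plain dotted numeric versions; ecosystem-specific schemes such as pre-release tags are rejected rather than guessed at.

```python
import operator
import re

# Only the operators that appear in the forms listed above.
_OPS = {"=": operator.eq, "<=": operator.le, "<": operator.lt,
        ">=": operator.ge}
_CLAUSE = re.compile(r"^(<=|>=|=|<)\s*(\S+)$")


def parse_version(text):
    """Assumption: plain dotted numeric versions such as 4.3.5."""
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        raise ValueError(f"unsupported version syntax: {text!r}")
    return tuple(int(part) for part in text.split("."))


def _pad(a, b):
    """Pad with zeros so that 0.2 and 0.2.0 compare equal."""
    width = max(len(a), len(b))
    return a + (0,) * (width - len(a)), b + (0,) * (width - len(b))


def parse_range(range_text):
    """Split 'OP VERSION[, OP VERSION]' into (operator, version) pairs."""
    clauses = []
    for raw in range_text.split(","):
        match = _CLAUSE.match(raw.strip())
        if not match:
            # Fail closed: an unreadable range must not be silently
            # treated as "not vulnerable" by a dependency checker.
            raise ValueError(f"unrecognised clause: {raw!r}")
        clauses.append((match.group(1), parse_version(match.group(2))))
    return clauses


def is_vulnerable(installed, range_text):
    """True when the installed version satisfies every clause."""
    version = parse_version(installed)
    for op, bound in parse_range(range_text):
        left, right = _pad(version, bound)
        if not _OPS[op](left, right):
            return False
    return True


# Constructed sample inputs using the range forms from the list above.
SAMPLES = [("4.3.4", ">= 4.3.0, < 4.3.5"), ("4.3.5", ">= 4.3.0, < 4.3.5"),
           ("0.1.9", "< 0.1.11"), ("0.2", "= 0.2.0")]

if __name__ == "__main__":
    for installed, rng in SAMPLES:
        print(installed, "|", rng, "|", is_vulnerable(installed, rng))
```

Comparing versions as integer tuples matters here: a plain string comparison would sort 0.1.9 after 0.1.11 and miss the match.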
