report

Message

Field	Type	Label	Description
cve_id	string	optional	The ID of the Common Vulnerabilities and Exposures (CVE).
targets	Target	repeated	The list of targets affected by the CVE.
cwe	int32	optional	The Common Weakness Enumeration (CWE) ID associated with the CVE.
description	string	optional	Description of the CVE.
references	Reference	repeated	References related to the CVE.
cvss_scores	CVSS	optional	CVSS scores associated with the CVE.
published_date	uint64	optional	Date when the CVE was published.
modified_date	uint64	optional	Date when the CVE was last modified.

CVSS

Field	Type	Label	Description
v31	CVSSv3	optional	CVSSv3.1 scores associated with the CVE.
v30	CVSSv3	optional	CVSSv3.0 scores associated with the CVE.
v2	CVSSv2	optional	CVSSv2 scores associated with the CVE.

CVSSv2

Field	Type	Label	Description
version	string	optional	CVSS version.
vector_string	string	optional	CVSS vector string.
confidentiality_impact	string	optional	Confidentiality impact.
integrity_impact	string	optional	Integrity impact.
availability_impact	string	optional	Availability impact.
base_score	float	optional	Base score.
remediation_level	string	optional	Remediation level.
report_confidence	string	optional	Report confidence.
temporal_score	float	optional	Temporal score.
confidentiality_requirement	string	optional	Confidentiality requirement.
integrity_requirement	string	optional	Integrity requirement.
availability_requirement	string	optional	Availability requirement.
environmental_score	float	optional	Environmental score.
access_vector	string	optional	Access vector.
access_complexity	string	optional	Access complexity.
authentication	string	optional	Authentication.
exploitability	string	optional	Exploitability.
collateral_damage_potential	string	optional	Collateral damage potential.
target_distribution	string	optional	Target distribution.
impact_score	float	optional	Impact score.
exploitability_score	float	optional	Exploitability score.
ac_insuf_info	bool	optional	AC insufficiency information.
obtain_all_privilege	bool	optional	Privilege obtained.
obtain_user_privilege	bool	optional	User privilege obtained.
obtain_other_privilege	bool	optional	Other privilege obtained.
user_interaction_required	bool	optional	User interaction required.

Message

Field	Type	Label	Description

Message

Field	Type	Label	Description

Message

Field	Type	Label	Description

Message

Field	Type	Label	Description

Message

Field	Type	Label	Description

Message

Field	Type	Label	Description

Message

Field	Type	Label	Description
key	string	optional
value	string	optional

RiskRating

Reference

Field	Type	Label	Description
title	string	optional	The title of the reference.
url	string	optional	The URL of the reference.

MetadataTypeEnum

Metadata

Field	Type	Label	Description
value	string	optional	The value of the metadata.
type	MetadataTypeEnum	optional	The type of metadata (FILE_PATH, CODE_LOCATION, URL, PORT, LOG).

VulnerabilityLocation

Field	Type	Label	Description
domain_name	ostorlab.agent.message.proto.v3.asset.domain_name.Message	oneof	Vulnerability associated with a domain name asset.
ipv4	ostorlab.agent.message.proto.v3.asset.ip.v4.Message	oneof	Vulnerability associated with an IPv4 address asset.
ipv6	ostorlab.agent.message.proto.v3.asset.ip.v6.Message	oneof	Vulnerability associated with an IPv6 address asset.
link	ostorlab.agent.message.proto.v3.asset.link.Message	oneof	Vulnerability associated with a link asset.
android_store	ostorlab.agent.message.proto.v3.asset.store.android_store.Message	oneof	Vulnerability associated with an Android store asset.
ios_store	ostorlab.agent.message.proto.v3.asset.store.ios_store.Message	oneof	Vulnerability associated with an iOS store asset.
file	ostorlab.agent.message.proto.v3.asset.file.Message	oneof	Vulnerability associated with a file asset.
android_aab	ostorlab.agent.message.proto.v3.asset.file.android.aab.Message	oneof	Vulnerability associated with an Android App Bundle (AAB) asset.
android_apk	ostorlab.agent.message.proto.v3.asset.file.android.apk.Message	oneof	Vulnerability associated with an Android APK asset.
ios_ipa	ostorlab.agent.message.proto.v3.asset.file.ios.ipa.Message	oneof	Vulnerability associated with an iOS IPA asset.
metadata	Metadata	repeated	Metadata associated with the vulnerability.

CategoryGroup

Field	Type	Label	Description
key	string	optional	The key of the category group.
categories	string	repeated	The list of categories in the category group.

Message

Field	Type	Label	Description
title	string	optional	The title of the vulnerability.
risk_rating	RiskRating	optional	The risk rating associated with the vulnerability.
technical_detail	string	optional	The technical details of the vulnerability.
short_description	string	optional	A short description of the vulnerability.
description	string	optional	The detailed description of the vulnerability.
recommendation	string	optional	Recommendations for addressing the vulnerability.
references	Reference	repeated	References related to the vulnerability.
security_issue	bool	optional	Indicates if the vulnerability is a security issue.
privacy_issue	bool	optional	Indicates if the vulnerability is a privacy issue.
has_public_exploit	bool	optional	Indicates if the vulnerability has a public exploit.
targeted_by_malware	bool	optional	Indicates if the vulnerability is targeted by malware.
targeted_by_ransomware	bool	optional	Indicates if the vulnerability is targeted by ransomware.
targeted_by_nation_state	bool	optional	Indicates if the vulnerability is targeted by a nation state.
dna	string	optional	DNA signature associated with the vulnerability.
cvss_v3_vector	string	optional	CVSSv3 vector associated with the vulnerability.
vulnerability_location	VulnerabilityLocation	optional	The location of the vulnerability within the asset.
category_groups	CategoryGroup	repeated	Groups of categories associated with the vulnerability.