VulnerablePackage - Inspector

VulnerablePackage

Information on the vulnerable package identified by a finding.

Contents

arch

The architecture of the vulnerable package.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 64.

Required: No

epoch

The epoch of the vulnerable package.

Type: Integer

Required: No

filePath

The file path of the vulnerable package.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 1024.

Required: No

fixedInVersion

The version of the package that contains the vulnerability fix.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 1024.

Required: No

name

The name of the vulnerable package.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 1024.

Required: Yes

packageManager

The package manager of the vulnerable package.

Type: String

Valid Values: BUNDLER | CARGO | COMPOSER | NPM | NUGET | PIPENV | POETRY | YARN | GOBINARY | GOMOD | JAR | OS | PIP | PYTHONPKG | NODEPKG | POM

Required: No

release

The release of the vulnerable package.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 1024.

Required: No

remediation

The code to run in your environment to update packages with a fix available.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 1024.

Required: No

sourceLambdaLayerArn

The Amazon Resource Number (ARN) of the AWS Lambda function affected by a finding.

Type: String

Pattern: ^arn:[a-zA-Z0-9-]+:lambda:[a-zA-Z0-9-]+:\d{12}:layer:[a-zA-Z0-9-_]+:[0-9]+$

Required: No

sourceLayerHash

The source layer hash of the vulnerable package.

Type: String

Length Constraints: Fixed length of 71.

Pattern: ^sha256:[a-z0-9]{64}$

Required: No

version

The version of the vulnerable package.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 1024.

Required: Yes

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: