1. Packages
  2. Oracle Cloud Infrastructure
  3. API Docs
  4. Adm
  5. getVulnerabilityAudit
Oracle Cloud Infrastructure v2.32.0 published on Thursday, Apr 24, 2025 by Pulumi

oci.Adm.getVulnerabilityAudit

Explore with Pulumi AI

Oracle Cloud Infrastructure v2.32.0 published on Thursday, Apr 24, 2025 by Pulumi

This data source provides details about a specific Vulnerability Audit resource in Oracle Cloud Infrastructure ADM service.

Returns the details of the specified Vulnerability Audit.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";

const testVulnerabilityAudit = oci.Adm.getVulnerabilityAudit({
    vulnerabilityAuditId: testVulnerabilityAuditOciAdmVulnerabilityAudit.id,
});
Copy
import pulumi
import pulumi_oci as oci

test_vulnerability_audit = oci.Adm.get_vulnerability_audit(vulnerability_audit_id=test_vulnerability_audit_oci_adm_vulnerability_audit["id"])
Copy
package main

import (
	"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/adm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := adm.GetVulnerabilityAudit(ctx, &adm.GetVulnerabilityAuditArgs{
			VulnerabilityAuditId: testVulnerabilityAuditOciAdmVulnerabilityAudit.Id,
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;

return await Deployment.RunAsync(() => 
{
    var testVulnerabilityAudit = Oci.Adm.GetVulnerabilityAudit.Invoke(new()
    {
        VulnerabilityAuditId = testVulnerabilityAuditOciAdmVulnerabilityAudit.Id,
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.Adm.AdmFunctions;
import com.pulumi.oci.Adm.inputs.GetVulnerabilityAuditArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var testVulnerabilityAudit = AdmFunctions.getVulnerabilityAudit(GetVulnerabilityAuditArgs.builder()
            .vulnerabilityAuditId(testVulnerabilityAuditOciAdmVulnerabilityAudit.id())
            .build());

    }
}
Copy
variables:
  testVulnerabilityAudit:
    fn::invoke:
      function: oci:Adm:getVulnerabilityAudit
      arguments:
        vulnerabilityAuditId: ${testVulnerabilityAuditOciAdmVulnerabilityAudit.id}
Copy

Using getVulnerabilityAudit

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getVulnerabilityAudit(args: GetVulnerabilityAuditArgs, opts?: InvokeOptions): Promise<GetVulnerabilityAuditResult>
function getVulnerabilityAuditOutput(args: GetVulnerabilityAuditOutputArgs, opts?: InvokeOptions): Output<GetVulnerabilityAuditResult>
Copy
def get_vulnerability_audit(vulnerability_audit_id: Optional[str] = None,
                            opts: Optional[InvokeOptions] = None) -> GetVulnerabilityAuditResult
def get_vulnerability_audit_output(vulnerability_audit_id: Optional[pulumi.Input[str]] = None,
                            opts: Optional[InvokeOptions] = None) -> Output[GetVulnerabilityAuditResult]
Copy
func GetVulnerabilityAudit(ctx *Context, args *GetVulnerabilityAuditArgs, opts ...InvokeOption) (*GetVulnerabilityAuditResult, error)
func GetVulnerabilityAuditOutput(ctx *Context, args *GetVulnerabilityAuditOutputArgs, opts ...InvokeOption) GetVulnerabilityAuditResultOutput
Copy

> Note: This function is named GetVulnerabilityAudit in the Go SDK.

public static class GetVulnerabilityAudit 
{
    public static Task<GetVulnerabilityAuditResult> InvokeAsync(GetVulnerabilityAuditArgs args, InvokeOptions? opts = null)
    public static Output<GetVulnerabilityAuditResult> Invoke(GetVulnerabilityAuditInvokeArgs args, InvokeOptions? opts = null)
}
Copy
public static CompletableFuture<GetVulnerabilityAuditResult> getVulnerabilityAudit(GetVulnerabilityAuditArgs args, InvokeOptions options)
public static Output<GetVulnerabilityAuditResult> getVulnerabilityAudit(GetVulnerabilityAuditArgs args, InvokeOptions options)
Copy
fn::invoke:
  function: oci:Adm/getVulnerabilityAudit:getVulnerabilityAudit
  arguments:
    # arguments dictionary
Copy

The following arguments are supported:

VulnerabilityAuditId This property is required. string
Unique Vulnerability Audit identifier path parameter.
VulnerabilityAuditId This property is required. string
Unique Vulnerability Audit identifier path parameter.
vulnerabilityAuditId This property is required. String
Unique Vulnerability Audit identifier path parameter.
vulnerabilityAuditId This property is required. string
Unique Vulnerability Audit identifier path parameter.
vulnerability_audit_id This property is required. str
Unique Vulnerability Audit identifier path parameter.
vulnerabilityAuditId This property is required. String
Unique Vulnerability Audit identifier path parameter.

getVulnerabilityAudit Result

The following output properties are available:

ApplicationDependencies List<GetVulnerabilityAuditApplicationDependency>
BuildType string
The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
CompartmentId string
The compartment Oracle Cloud identifier (OCID) of the vulnerability audit.
Configurations List<GetVulnerabilityAuditConfiguration>
Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in exclusions, or all of the associated Vulnerabilies have a CVSS v2 score below maxPermissibleCvssV2Score and a CVSS v3 score below maxPermissibleCvssV3Score. type: object
DefinedTags Dictionary<string, string>
Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
DisplayName string
The name of the vulnerability audit.
FreeformTags Dictionary<string, string>
Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
Id string
Unique vulnerability identifier, e.g. CVE-1999-0067.
IsSuccess bool
Indicates if an audit succeeded according to the configuration. The value is null if the audit is in the CREATING state.
KnowledgeBaseId string
The Oracle Cloud identifier (OCID) of the knowledge base.
LifecycleDetails string
Details on the lifecycle state.
MaxObservedCvssV2score double
Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
MaxObservedCvssV2scoreWithIgnored double
Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
MaxObservedCvssV3score double
Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
MaxObservedCvssV3scoreWithIgnored double
Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
MaxObservedSeverity string
Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
MaxObservedSeverityWithIgnored string
Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
Sources List<GetVulnerabilityAuditSource>
Source that published the vulnerability
State string
The current lifecycle state of the vulnerability audit.
SystemTags Dictionary<string, string>
Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
TimeCreated string
The creation date and time of the vulnerability audit (formatted according to RFC3339).
TimeUpdated string
The update date and time of the vulnerability audit (formatted according to RFC3339).
UsageDatas List<GetVulnerabilityAuditUsageData>
The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set sourceType to objectStorageTuple and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.
Vulnerabilities List<GetVulnerabilityAuditVulnerability>
List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
VulnerabilityAuditId string
VulnerableArtifactsCount int
Count of non-ignored vulnerable application dependencies.
VulnerableArtifactsCountWithIgnored int
Count of all vulnerable application dependencies.
ApplicationDependencies []GetVulnerabilityAuditApplicationDependency
BuildType string
The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
CompartmentId string
The compartment Oracle Cloud identifier (OCID) of the vulnerability audit.
Configurations []GetVulnerabilityAuditConfiguration
Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in exclusions, or all of the associated Vulnerabilies have a CVSS v2 score below maxPermissibleCvssV2Score and a CVSS v3 score below maxPermissibleCvssV3Score. type: object
DefinedTags map[string]string
Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
DisplayName string
The name of the vulnerability audit.
FreeformTags map[string]string
Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
Id string
Unique vulnerability identifier, e.g. CVE-1999-0067.
IsSuccess bool
Indicates if an audit succeeded according to the configuration. The value is null if the audit is in the CREATING state.
KnowledgeBaseId string
The Oracle Cloud identifier (OCID) of the knowledge base.
LifecycleDetails string
Details on the lifecycle state.
MaxObservedCvssV2score float64
Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
MaxObservedCvssV2scoreWithIgnored float64
Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
MaxObservedCvssV3score float64
Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
MaxObservedCvssV3scoreWithIgnored float64
Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
MaxObservedSeverity string
Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
MaxObservedSeverityWithIgnored string
Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
Sources []GetVulnerabilityAuditSource
Source that published the vulnerability
State string
The current lifecycle state of the vulnerability audit.
SystemTags map[string]string
Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
TimeCreated string
The creation date and time of the vulnerability audit (formatted according to RFC3339).
TimeUpdated string
The update date and time of the vulnerability audit (formatted according to RFC3339).
UsageDatas []GetVulnerabilityAuditUsageData
The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set sourceType to objectStorageTuple and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.
Vulnerabilities []GetVulnerabilityAuditVulnerability
List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
VulnerabilityAuditId string
VulnerableArtifactsCount int
Count of non-ignored vulnerable application dependencies.
VulnerableArtifactsCountWithIgnored int
Count of all vulnerable application dependencies.
applicationDependencies List<GetVulnerabilityAuditApplicationDependency>
buildType String
The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
compartmentId String
The compartment Oracle Cloud identifier (OCID) of the vulnerability audit.
configurations List<GetVulnerabilityAuditConfiguration>
Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in exclusions, or all of the associated Vulnerabilies have a CVSS v2 score below maxPermissibleCvssV2Score and a CVSS v3 score below maxPermissibleCvssV3Score. type: object
definedTags Map<String,String>
Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
displayName String
The name of the vulnerability audit.
freeformTags Map<String,String>
Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
id String
Unique vulnerability identifier, e.g. CVE-1999-0067.
isSuccess Boolean
Indicates if an audit succeeded according to the configuration. The value is null if the audit is in the CREATING state.
knowledgeBaseId String
The Oracle Cloud identifier (OCID) of the knowledge base.
lifecycleDetails String
Details on the lifecycle state.
maxObservedCvssV2score Double
Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
maxObservedCvssV2scoreWithIgnored Double
Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
maxObservedCvssV3score Double
Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
maxObservedCvssV3scoreWithIgnored Double
Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
maxObservedSeverity String
Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
maxObservedSeverityWithIgnored String
Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
sources List<GetVulnerabilityAuditSource>
Source that published the vulnerability
state String
The current lifecycle state of the vulnerability audit.
systemTags Map<String,String>
Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
timeCreated String
The creation date and time of the vulnerability audit (formatted according to RFC3339).
timeUpdated String
The update date and time of the vulnerability audit (formatted according to RFC3339).
usageDatas List<GetVulnerabilityAuditUsageData>
The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set sourceType to objectStorageTuple and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.
vulnerabilities List<GetVulnerabilityAuditVulnerability>
List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
vulnerabilityAuditId String
vulnerableArtifactsCount Integer
Count of non-ignored vulnerable application dependencies.
vulnerableArtifactsCountWithIgnored Integer
Count of all vulnerable application dependencies.
applicationDependencies GetVulnerabilityAuditApplicationDependency[]
buildType string
The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
compartmentId string
The compartment Oracle Cloud identifier (OCID) of the vulnerability audit.
configurations GetVulnerabilityAuditConfiguration[]
Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in exclusions, or all of the associated Vulnerabilies have a CVSS v2 score below maxPermissibleCvssV2Score and a CVSS v3 score below maxPermissibleCvssV3Score. type: object
definedTags {[key: string]: string}
Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
displayName string
The name of the vulnerability audit.
freeformTags {[key: string]: string}
Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
id string
Unique vulnerability identifier, e.g. CVE-1999-0067.
isSuccess boolean
Indicates if an audit succeeded according to the configuration. The value is null if the audit is in the CREATING state.
knowledgeBaseId string
The Oracle Cloud identifier (OCID) of the knowledge base.
lifecycleDetails string
Details on the lifecycle state.
maxObservedCvssV2score number
Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
maxObservedCvssV2scoreWithIgnored number
Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
maxObservedCvssV3score number
Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
maxObservedCvssV3scoreWithIgnored number
Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
maxObservedSeverity string
Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
maxObservedSeverityWithIgnored string
Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
sources GetVulnerabilityAuditSource[]
Source that published the vulnerability
state string
The current lifecycle state of the vulnerability audit.
systemTags {[key: string]: string}
Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
timeCreated string
The creation date and time of the vulnerability audit (formatted according to RFC3339).
timeUpdated string
The update date and time of the vulnerability audit (formatted according to RFC3339).
usageDatas GetVulnerabilityAuditUsageData[]
The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set sourceType to objectStorageTuple and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.
vulnerabilities GetVulnerabilityAuditVulnerability[]
List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
vulnerabilityAuditId string
vulnerableArtifactsCount number
Count of non-ignored vulnerable application dependencies.
vulnerableArtifactsCountWithIgnored number
Count of all vulnerable application dependencies.
application_dependencies Sequence[adm.GetVulnerabilityAuditApplicationDependency]
build_type str
The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
compartment_id str
The compartment Oracle Cloud identifier (OCID) of the vulnerability audit.
configurations Sequence[adm.GetVulnerabilityAuditConfiguration]
Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in exclusions, or all of the associated Vulnerabilies have a CVSS v2 score below maxPermissibleCvssV2Score and a CVSS v3 score below maxPermissibleCvssV3Score. type: object
defined_tags Mapping[str, str]
Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
display_name str
The name of the vulnerability audit.
freeform_tags Mapping[str, str]
Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
id str
Unique vulnerability identifier, e.g. CVE-1999-0067.
is_success bool
Indicates if an audit succeeded according to the configuration. The value is null if the audit is in the CREATING state.
knowledge_base_id str
The Oracle Cloud identifier (OCID) of the knowledge base.
lifecycle_details str
Details on the lifecycle state.
max_observed_cvss_v2score float
Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
max_observed_cvss_v2score_with_ignored float
Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
max_observed_cvss_v3score float
Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
max_observed_cvss_v3score_with_ignored float
Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
max_observed_severity str
Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
max_observed_severity_with_ignored str
Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
sources Sequence[adm.GetVulnerabilityAuditSource]
Source that published the vulnerability
state str
The current lifecycle state of the vulnerability audit.
system_tags Mapping[str, str]
Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
time_created str
The creation date and time of the vulnerability audit (formatted according to RFC3339).
time_updated str
The update date and time of the vulnerability audit (formatted according to RFC3339).
usage_datas Sequence[adm.GetVulnerabilityAuditUsageData]
The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set sourceType to objectStorageTuple and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.
vulnerabilities Sequence[adm.GetVulnerabilityAuditVulnerability]
List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
vulnerability_audit_id str
vulnerable_artifacts_count int
Count of non-ignored vulnerable application dependencies.
vulnerable_artifacts_count_with_ignored int
Count of all vulnerable application dependencies.
applicationDependencies List<Property Map>
buildType String
The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
compartmentId String
The compartment Oracle Cloud identifier (OCID) of the vulnerability audit.
configurations List<Property Map>
Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in exclusions, or all of the associated Vulnerabilies have a CVSS v2 score below maxPermissibleCvssV2Score and a CVSS v3 score below maxPermissibleCvssV3Score. type: object
definedTags Map<String>
Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
displayName String
The name of the vulnerability audit.
freeformTags Map<String>
Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
id String
Unique vulnerability identifier, e.g. CVE-1999-0067.
isSuccess Boolean
Indicates if an audit succeeded according to the configuration. The value is null if the audit is in the CREATING state.
knowledgeBaseId String
The Oracle Cloud identifier (OCID) of the knowledge base.
lifecycleDetails String
Details on the lifecycle state.
maxObservedCvssV2score Number
Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
maxObservedCvssV2scoreWithIgnored Number
Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
maxObservedCvssV3score Number
Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
maxObservedCvssV3scoreWithIgnored Number
Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
maxObservedSeverity String
Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
maxObservedSeverityWithIgnored String
Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
sources List<Property Map>
Source that published the vulnerability
state String
The current lifecycle state of the vulnerability audit.
systemTags Map<String>
Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
timeCreated String
The creation date and time of the vulnerability audit (formatted according to RFC3339).
timeUpdated String
The update date and time of the vulnerability audit (formatted according to RFC3339).
usageDatas List<Property Map>
The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set sourceType to objectStorageTuple and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.
vulnerabilities List<Property Map>
List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
vulnerabilityAuditId String
vulnerableArtifactsCount Number
Count of non-ignored vulnerable application dependencies.
vulnerableArtifactsCountWithIgnored Number
Count of all vulnerable application dependencies.

Supporting Types

GetVulnerabilityAuditApplicationDependency

ApplicationDependencyNodeIds This property is required. List<string>
Gav This property is required. string
NodeId This property is required. string
Purl This property is required. string
ApplicationDependencyNodeIds This property is required. []string
Gav This property is required. string
NodeId This property is required. string
Purl This property is required. string
applicationDependencyNodeIds This property is required. List<String>
gav This property is required. String
nodeId This property is required. String
purl This property is required. String
applicationDependencyNodeIds This property is required. string[]
gav This property is required. string
nodeId This property is required. string
purl This property is required. string
application_dependency_node_ids This property is required. Sequence[str]
gav This property is required. str
node_id This property is required. str
purl This property is required. str
applicationDependencyNodeIds This property is required. List<String>
gav This property is required. String
nodeId This property is required. String
purl This property is required. String

GetVulnerabilityAuditConfiguration

Exclusions This property is required. List<string>
A vulnerable application dependency is ignored if its name matches any of the items in exclusions. An asterisk (*) in the dependency pattern acts as a wildcard and matches zero or more characters.
MaxPermissibleCvssV2score This property is required. double
A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
MaxPermissibleCvssV3score This property is required. double
A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
MaxPermissibleSeverity This property is required. string
A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleSeverity.
Exclusions This property is required. []string
A vulnerable application dependency is ignored if its name matches any of the items in exclusions. An asterisk (*) in the dependency pattern acts as a wildcard and matches zero or more characters.
MaxPermissibleCvssV2score This property is required. float64
A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
MaxPermissibleCvssV3score This property is required. float64
A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
MaxPermissibleSeverity This property is required. string
A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleSeverity.
exclusions This property is required. List<String>
A vulnerable application dependency is ignored if its name matches any of the items in exclusions. An asterisk (*) in the dependency pattern acts as a wildcard and matches zero or more characters.
maxPermissibleCvssV2score This property is required. Double
A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
maxPermissibleCvssV3score This property is required. Double
A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
maxPermissibleSeverity This property is required. String
A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleSeverity.
exclusions This property is required. string[]
A vulnerable application dependency is ignored if its name matches any of the items in exclusions. An asterisk (*) in the dependency pattern acts as a wildcard and matches zero or more characters.
maxPermissibleCvssV2score This property is required. number
A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
maxPermissibleCvssV3score This property is required. number
A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
maxPermissibleSeverity This property is required. string
A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleSeverity.
exclusions This property is required. Sequence[str]
A vulnerable application dependency is ignored if its name matches any of the items in exclusions. An asterisk (*) in the dependency pattern acts as a wildcard and matches zero or more characters.
max_permissible_cvss_v2score This property is required. float
A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
max_permissible_cvss_v3score This property is required. float
A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
max_permissible_severity This property is required. str
A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleSeverity.
exclusions This property is required. List<String>
A vulnerable application dependency is ignored if its name matches any of the items in exclusions. An asterisk (*) in the dependency pattern acts as a wildcard and matches zero or more characters.
maxPermissibleCvssV2score This property is required. Number
A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
maxPermissibleCvssV3score This property is required. Number
A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
maxPermissibleSeverity This property is required. String
A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleSeverity.

GetVulnerabilityAuditSource

Description This property is required. string
Description of the external resource source.
OciResourceId This property is required. string
The Oracle Cloud identifier (OCID) of the Oracle Cloud Infrastructure resource that triggered the vulnerability audit.
Type This property is required. string
Source type of the vulnerability audit.
Description This property is required. string
Description of the external resource source.
OciResourceId This property is required. string
The Oracle Cloud identifier (OCID) of the Oracle Cloud Infrastructure resource that triggered the vulnerability audit.
Type This property is required. string
Source type of the vulnerability audit.
description This property is required. String
Description of the external resource source.
ociResourceId This property is required. String
The Oracle Cloud identifier (OCID) of the Oracle Cloud Infrastructure resource that triggered the vulnerability audit.
type This property is required. String
Source type of the vulnerability audit.
description This property is required. string
Description of the external resource source.
ociResourceId This property is required. string
The Oracle Cloud identifier (OCID) of the Oracle Cloud Infrastructure resource that triggered the vulnerability audit.
type This property is required. string
Source type of the vulnerability audit.
description This property is required. str
Description of the external resource source.
oci_resource_id This property is required. str
The Oracle Cloud identifier (OCID) of the Oracle Cloud Infrastructure resource that triggered the vulnerability audit.
type This property is required. str
Source type of the vulnerability audit.
description This property is required. String
Description of the external resource source.
ociResourceId This property is required. String
The Oracle Cloud identifier (OCID) of the Oracle Cloud Infrastructure resource that triggered the vulnerability audit.
type This property is required. String
Source type of the vulnerability audit.

GetVulnerabilityAuditUsageData

Bucket This property is required. string
The Object Storage bucket to read the usage data from.
Namespace This property is required. string
The Object Storage namespace to read the usage data from.
Object This property is required. string
The Object Storage object name to read the usage data from.
SourceType This property is required. string
The destination type. Use objectStorageTuple when specifying the namespace, bucket name, and object name.
Bucket This property is required. string
The Object Storage bucket to read the usage data from.
Namespace This property is required. string
The Object Storage namespace to read the usage data from.
Object This property is required. string
The Object Storage object name to read the usage data from.
SourceType This property is required. string
The destination type. Use objectStorageTuple when specifying the namespace, bucket name, and object name.
bucket This property is required. String
The Object Storage bucket to read the usage data from.
namespace This property is required. String
The Object Storage namespace to read the usage data from.
object This property is required. String
The Object Storage object name to read the usage data from.
sourceType This property is required. String
The destination type. Use objectStorageTuple when specifying the namespace, bucket name, and object name.
bucket This property is required. string
The Object Storage bucket to read the usage data from.
namespace This property is required. string
The Object Storage namespace to read the usage data from.
object This property is required. string
The Object Storage object name to read the usage data from.
sourceType This property is required. string
The destination type. Use objectStorageTuple when specifying the namespace, bucket name, and object name.
bucket This property is required. str
The Object Storage bucket to read the usage data from.
namespace This property is required. str
The Object Storage namespace to read the usage data from.
object This property is required. str
The Object Storage object name to read the usage data from.
source_type This property is required. str
The destination type. Use objectStorageTuple when specifying the namespace, bucket name, and object name.
bucket This property is required. String
The Object Storage bucket to read the usage data from.
namespace This property is required. String
The Object Storage namespace to read the usage data from.
object This property is required. String
The Object Storage object name to read the usage data from.
sourceType This property is required. String
The destination type. Use objectStorageTuple when specifying the namespace, bucket name, and object name.

GetVulnerabilityAuditVulnerability

CvssV2score This property is required. double
Common Vulnerability Scoring System (CVSS) Version 2.
CvssV3score This property is required. double
Common Vulnerability Scoring System (CVSS) Version 3.
Id This property is required. string
Unique vulnerability identifier, e.g. CVE-1999-0067.
IsFalsePositive This property is required. bool
Indicates if the vulnerability is a false positive according to the usage data. If no usage data was provided or the service cannot infer usage of the vulnerable code then this property is null.
IsIgnored This property is required. bool
Indicates if the vulnerability was ignored according to the audit configuration.
Severity This property is required. string
ADM qualitative severity score. Can be either NONE, LOW, MEDIUM, HIGH or CRITICAL.
Source This property is required. string
Source that published the vulnerability
CvssV2score This property is required. float64
Common Vulnerability Scoring System (CVSS) Version 2.
CvssV3score This property is required. float64
Common Vulnerability Scoring System (CVSS) Version 3.
Id This property is required. string
Unique vulnerability identifier, e.g. CVE-1999-0067.
IsFalsePositive This property is required. bool
Indicates if the vulnerability is a false positive according to the usage data. If no usage data was provided or the service cannot infer usage of the vulnerable code then this property is null.
IsIgnored This property is required. bool
Indicates if the vulnerability was ignored according to the audit configuration.
Severity This property is required. string
ADM qualitative severity score. Can be either NONE, LOW, MEDIUM, HIGH or CRITICAL.
Source This property is required. string
Source that published the vulnerability
cvssV2score This property is required. Double
Common Vulnerability Scoring System (CVSS) Version 2.
cvssV3score This property is required. Double
Common Vulnerability Scoring System (CVSS) Version 3.
id This property is required. String
Unique vulnerability identifier, e.g. CVE-1999-0067.
isFalsePositive This property is required. Boolean
Indicates if the vulnerability is a false positive according to the usage data. If no usage data was provided or the service cannot infer usage of the vulnerable code then this property is null.
isIgnored This property is required. Boolean
Indicates if the vulnerability was ignored according to the audit configuration.
severity This property is required. String
ADM qualitative severity score. Can be either NONE, LOW, MEDIUM, HIGH or CRITICAL.
source This property is required. String
Source that published the vulnerability
cvssV2score This property is required. number
Common Vulnerability Scoring System (CVSS) Version 2.
cvssV3score This property is required. number
Common Vulnerability Scoring System (CVSS) Version 3.
id This property is required. string
Unique vulnerability identifier, e.g. CVE-1999-0067.
isFalsePositive This property is required. boolean
Indicates if the vulnerability is a false positive according to the usage data. If no usage data was provided or the service cannot infer usage of the vulnerable code then this property is null.
isIgnored This property is required. boolean
Indicates if the vulnerability was ignored according to the audit configuration.
severity This property is required. string
ADM qualitative severity score. Can be either NONE, LOW, MEDIUM, HIGH or CRITICAL.
source This property is required. string
Source that published the vulnerability
cvss_v2score This property is required. float
Common Vulnerability Scoring System (CVSS) Version 2.
cvss_v3score This property is required. float
Common Vulnerability Scoring System (CVSS) Version 3.
id This property is required. str
Unique vulnerability identifier, e.g. CVE-1999-0067.
is_false_positive This property is required. bool
Indicates if the vulnerability is a false positive according to the usage data. If no usage data was provided or the service cannot infer usage of the vulnerable code then this property is null.
is_ignored This property is required. bool
Indicates if the vulnerability was ignored according to the audit configuration.
severity This property is required. str
ADM qualitative severity score. Can be either NONE, LOW, MEDIUM, HIGH or CRITICAL.
source This property is required. str
Source that published the vulnerability
cvssV2score This property is required. Number
Common Vulnerability Scoring System (CVSS) Version 2.
cvssV3score This property is required. Number
Common Vulnerability Scoring System (CVSS) Version 3.
id This property is required. String
Unique vulnerability identifier, e.g. CVE-1999-0067.
isFalsePositive This property is required. Boolean
Indicates if the vulnerability is a false positive according to the usage data. If no usage data was provided or the service cannot infer usage of the vulnerable code then this property is null.
isIgnored This property is required. Boolean
Indicates if the vulnerability was ignored according to the audit configuration.
severity This property is required. String
ADM qualitative severity score. Can be either NONE, LOW, MEDIUM, HIGH or CRITICAL.
source This property is required. String
Source that published the vulnerability

Package Details

Repository
oci pulumi/pulumi-oci
License
Apache-2.0
Notes
This Pulumi package is based on the oci Terraform Provider.
Oracle Cloud Infrastructure v2.32.0 published on Thursday, Apr 24, 2025 by Pulumi