Object GitHub::SecurityVulnerability

An individual vulnerability within an Advisory

Fields

advisory: SecurityAdvisory!

The Advisory associated with this Vulnerability

firstPatchedVersion: SecurityAdvisoryPackageVersion

The first version containing a fix for the vulnerability

package: SecurityAdvisoryPackage!

A description of the vulnerable package

severity: SecurityAdvisorySeverity!

The severity of the vulnerability within this package

updatedAt: DateTime!

When the vulnerability was last updated

vulnerableVersionRange: String!

A string that describes the vulnerable package versions. This string follows a basic syntax with a few forms. + = 0.2.0 denotes a single vulnerable version. + <= 1.0.8 denotes a version range up to and including the specified version + < 0.1.11 denotes a version range up to, but excluding, the specified version + >= 4.3.0, < 4.3.5 denotes a version range with a known minimum and maximum version. + >= 0.0.1 denotes a version range with a known minimum, but no known maximum

Uses

RepositoryVulnerabilityAlert.securityVulnerability

SecurityVulnerabilityConnection.nodes

SecurityVulnerabilityEdge.node