Oracle Cloud Infrastructure v2.33.0, May 1 25

Oracle Cloud Infrastructure v2.33.0 published on Thursday, May 1, 2025 by Pulumi

oci.Adm.getVulnerabilityAudit

Explore with Pulumi AI

Oracle Cloud Infrastructure v2.33.0 published on Thursday, May 1, 2025 by Pulumi

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";

const testVulnerabilityAudit = oci.Adm.getVulnerabilityAudit({
    vulnerabilityAuditId: testVulnerabilityAuditOciAdmVulnerabilityAudit.id,
});

import pulumi
import pulumi_oci as oci

test_vulnerability_audit = oci.Adm.get_vulnerability_audit(vulnerability_audit_id=test_vulnerability_audit_oci_adm_vulnerability_audit["id"])

package main

import (
	"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/adm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := adm.GetVulnerabilityAudit(ctx, &adm.GetVulnerabilityAuditArgs{
			VulnerabilityAuditId: testVulnerabilityAuditOciAdmVulnerabilityAudit.Id,
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;

return await Deployment.RunAsync(() => 
{
    var testVulnerabilityAudit = Oci.Adm.GetVulnerabilityAudit.Invoke(new()
    {
        VulnerabilityAuditId = testVulnerabilityAuditOciAdmVulnerabilityAudit.Id,
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.Adm.AdmFunctions;
import com.pulumi.oci.Adm.inputs.GetVulnerabilityAuditArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var testVulnerabilityAudit = AdmFunctions.getVulnerabilityAudit(GetVulnerabilityAuditArgs.builder()
            .vulnerabilityAuditId(testVulnerabilityAuditOciAdmVulnerabilityAudit.id())
            .build());

    }
}

variables:
  testVulnerabilityAudit:
    fn::invoke:
      function: oci:Adm:getVulnerabilityAudit
      arguments:
        vulnerabilityAuditId: ${testVulnerabilityAuditOciAdmVulnerabilityAudit.id}

Using getVulnerabilityAudit

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getVulnerabilityAudit(args: GetVulnerabilityAuditArgs, opts?: InvokeOptions): Promise<GetVulnerabilityAuditResult>
function getVulnerabilityAuditOutput(args: GetVulnerabilityAuditOutputArgs, opts?: InvokeOptions): Output<GetVulnerabilityAuditResult>

def get_vulnerability_audit(vulnerability_audit_id: Optional[str] = None,
                            opts: Optional[InvokeOptions] = None) -> GetVulnerabilityAuditResult
def get_vulnerability_audit_output(vulnerability_audit_id: Optional[pulumi.Input[str]] = None,
                            opts: Optional[InvokeOptions] = None) -> Output[GetVulnerabilityAuditResult]

func LookupVulnerabilityAudit(ctx *Context, args *LookupVulnerabilityAuditArgs, opts ...InvokeOption) (*LookupVulnerabilityAuditResult, error)
func LookupVulnerabilityAuditOutput(ctx *Context, args *LookupVulnerabilityAuditOutputArgs, opts ...InvokeOption) LookupVulnerabilityAuditResultOutput

> Note: This function is named LookupVulnerabilityAudit in the Go SDK.

public static class GetVulnerabilityAudit 
{
    public static Task<GetVulnerabilityAuditResult> InvokeAsync(GetVulnerabilityAuditArgs args, InvokeOptions? opts = null)
    public static Output<GetVulnerabilityAuditResult> Invoke(GetVulnerabilityAuditInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetVulnerabilityAuditResult> getVulnerabilityAudit(GetVulnerabilityAuditArgs args, InvokeOptions options)
public static Output<GetVulnerabilityAuditResult> getVulnerabilityAudit(GetVulnerabilityAuditArgs args, InvokeOptions options)

fn::invoke:
  function: oci:Adm/getVulnerabilityAudit:getVulnerabilityAudit
  arguments:
    # arguments dictionary

The following arguments are supported:

VulnerabilityAuditId string: Unique Vulnerability Audit identifier path parameter.

VulnerabilityAuditId string: Unique Vulnerability Audit identifier path parameter.

vulnerabilityAuditId String: Unique Vulnerability Audit identifier path parameter.

vulnerabilityAuditId string: Unique Vulnerability Audit identifier path parameter.

vulnerability_audit_id str: Unique Vulnerability Audit identifier path parameter.

vulnerabilityAuditId String: Unique Vulnerability Audit identifier path parameter.

getVulnerabilityAudit Result

The following output properties are available:

ApplicationDependencies List<GetVulnerabilityAuditApplicationDependency>
BuildType string: The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
CompartmentId string: The compartment Oracle Cloud identifier (OCID) of the vulnerability audit.
Configurations List<GetVulnerabilityAuditConfiguration>: Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in exclusions, or all of the associated Vulnerabilies have a CVSS v2 score below maxPermissibleCvssV2Score and a CVSS v3 score below maxPermissibleCvssV3Score. type: object
DefinedTags Dictionary<string, string>: Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
DisplayName string: The name of the vulnerability audit.
FreeformTags Dictionary<string, string>: Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
Id string: Unique vulnerability identifier, e.g. CVE-1999-0067.
IsSuccess bool: Indicates if an audit succeeded according to the configuration. The value is null if the audit is in the CREATING state.
KnowledgeBaseId string: The Oracle Cloud identifier (OCID) of the knowledge base.
LifecycleDetails string: Details on the lifecycle state.
MaxObservedCvssV2score double: Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
MaxObservedCvssV2scoreWithIgnored double: Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
MaxObservedCvssV3score double: Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
MaxObservedCvssV3scoreWithIgnored double: Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
MaxObservedSeverity string: Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
MaxObservedSeverityWithIgnored string: Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
Sources List<GetVulnerabilityAuditSource>: Source that published the vulnerability
State string: The current lifecycle state of the vulnerability audit.
SystemTags Dictionary<string, string>: Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
TimeCreated string: The creation date and time of the vulnerability audit (formatted according to RFC3339).
TimeUpdated string: The update date and time of the vulnerability audit (formatted according to RFC3339).
UsageDatas List<GetVulnerabilityAuditUsageData>: The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set sourceType to objectStorageTuple and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.
Vulnerabilities List<GetVulnerabilityAuditVulnerability>: List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
VulnerabilityAuditId string
VulnerableArtifactsCount int: Count of non-ignored vulnerable application dependencies.
VulnerableArtifactsCountWithIgnored int: Count of all vulnerable application dependencies.

ApplicationDependencies []GetVulnerabilityAuditApplicationDependency
BuildType string: The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
CompartmentId string: The compartment Oracle Cloud identifier (OCID) of the vulnerability audit.
Configurations []GetVulnerabilityAuditConfiguration: Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in exclusions, or all of the associated Vulnerabilies have a CVSS v2 score below maxPermissibleCvssV2Score and a CVSS v3 score below maxPermissibleCvssV3Score. type: object
DefinedTags map[string]string: Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
DisplayName string: The name of the vulnerability audit.
FreeformTags map[string]string: Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
Id string: Unique vulnerability identifier, e.g. CVE-1999-0067.
IsSuccess bool: Indicates if an audit succeeded according to the configuration. The value is null if the audit is in the CREATING state.
KnowledgeBaseId string: The Oracle Cloud identifier (OCID) of the knowledge base.
LifecycleDetails string: Details on the lifecycle state.
MaxObservedCvssV2score float64: Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
MaxObservedCvssV2scoreWithIgnored float64: Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
MaxObservedCvssV3score float64: Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
MaxObservedCvssV3scoreWithIgnored float64: Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
MaxObservedSeverity string: Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
MaxObservedSeverityWithIgnored string: Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
Sources []GetVulnerabilityAuditSource: Source that published the vulnerability
State string: The current lifecycle state of the vulnerability audit.
SystemTags map[string]string: Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
TimeCreated string: The creation date and time of the vulnerability audit (formatted according to RFC3339).
TimeUpdated string: The update date and time of the vulnerability audit (formatted according to RFC3339).
UsageDatas []GetVulnerabilityAuditUsageData: The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set sourceType to objectStorageTuple and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.
Vulnerabilities []GetVulnerabilityAuditVulnerability: List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
VulnerabilityAuditId string
VulnerableArtifactsCount int: Count of non-ignored vulnerable application dependencies.
VulnerableArtifactsCountWithIgnored int: Count of all vulnerable application dependencies.

applicationDependencies List<GetVulnerabilityAuditApplicationDependency>
buildType String: The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
compartmentId String: The compartment Oracle Cloud identifier (OCID) of the vulnerability audit.
configurations List<GetVulnerabilityAuditConfiguration>: Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in exclusions, or all of the associated Vulnerabilies have a CVSS v2 score below maxPermissibleCvssV2Score and a CVSS v3 score below maxPermissibleCvssV3Score. type: object
definedTags Map<String,String>: Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
displayName String: The name of the vulnerability audit.
freeformTags Map<String,String>: Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
id String: Unique vulnerability identifier, e.g. CVE-1999-0067.
isSuccess Boolean: Indicates if an audit succeeded according to the configuration. The value is null if the audit is in the CREATING state.
knowledgeBaseId String: The Oracle Cloud identifier (OCID) of the knowledge base.
lifecycleDetails String: Details on the lifecycle state.
maxObservedCvssV2score Double: Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
maxObservedCvssV2scoreWithIgnored Double: Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
maxObservedCvssV3score Double: Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
maxObservedCvssV3scoreWithIgnored Double: Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
maxObservedSeverity String: Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
maxObservedSeverityWithIgnored String: Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
sources List<GetVulnerabilityAuditSource>: Source that published the vulnerability
state String: The current lifecycle state of the vulnerability audit.
systemTags Map<String,String>: Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
timeCreated String: The creation date and time of the vulnerability audit (formatted according to RFC3339).
timeUpdated String: The update date and time of the vulnerability audit (formatted according to RFC3339).
usageDatas List<GetVulnerabilityAuditUsageData>: The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set sourceType to objectStorageTuple and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.
vulnerabilities List<GetVulnerabilityAuditVulnerability>: List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
vulnerabilityAuditId String
vulnerableArtifactsCount Integer: Count of non-ignored vulnerable application dependencies.
vulnerableArtifactsCountWithIgnored Integer: Count of all vulnerable application dependencies.

applicationDependencies GetVulnerabilityAuditApplicationDependency[]
buildType string: The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
compartmentId string: The compartment Oracle Cloud identifier (OCID) of the vulnerability audit.
configurations GetVulnerabilityAuditConfiguration[]: Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in exclusions, or all of the associated Vulnerabilies have a CVSS v2 score below maxPermissibleCvssV2Score and a CVSS v3 score below maxPermissibleCvssV3Score. type: object
definedTags {[key: string]: string}: Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
displayName string: The name of the vulnerability audit.
freeformTags {[key: string]: string}: Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
id string: Unique vulnerability identifier, e.g. CVE-1999-0067.
isSuccess boolean: Indicates if an audit succeeded according to the configuration. The value is null if the audit is in the CREATING state.
knowledgeBaseId string: The Oracle Cloud identifier (OCID) of the knowledge base.
lifecycleDetails string: Details on the lifecycle state.
maxObservedCvssV2score number: Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
maxObservedCvssV2scoreWithIgnored number: Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
maxObservedCvssV3score number: Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
maxObservedCvssV3scoreWithIgnored number: Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
maxObservedSeverity string: Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
maxObservedSeverityWithIgnored string: Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
sources GetVulnerabilityAuditSource[]: Source that published the vulnerability
state string: The current lifecycle state of the vulnerability audit.
systemTags {[key: string]: string}: Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
timeCreated string: The creation date and time of the vulnerability audit (formatted according to RFC3339).
timeUpdated string: The update date and time of the vulnerability audit (formatted according to RFC3339).
usageDatas GetVulnerabilityAuditUsageData[]: The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set sourceType to objectStorageTuple and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.
vulnerabilities GetVulnerabilityAuditVulnerability[]: List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
vulnerabilityAuditId string
vulnerableArtifactsCount number: Count of non-ignored vulnerable application dependencies.
vulnerableArtifactsCountWithIgnored number: Count of all vulnerable application dependencies.

application_dependencies Sequence[GetVulnerabilityAuditApplicationDependency]
build_type str: The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
compartment_id str: The compartment Oracle Cloud identifier (OCID) of the vulnerability audit.
configurations Sequence[GetVulnerabilityAuditConfiguration]: Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in exclusions, or all of the associated Vulnerabilies have a CVSS v2 score below maxPermissibleCvssV2Score and a CVSS v3 score below maxPermissibleCvssV3Score. type: object
defined_tags Mapping[str, str]: Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
display_name str: The name of the vulnerability audit.
freeform_tags Mapping[str, str]: Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
id str: Unique vulnerability identifier, e.g. CVE-1999-0067.
is_success bool: Indicates if an audit succeeded according to the configuration. The value is null if the audit is in the CREATING state.
knowledge_base_id str: The Oracle Cloud identifier (OCID) of the knowledge base.
lifecycle_details str: Details on the lifecycle state.
max_observed_cvss_v2score float: Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
max_observed_cvss_v2score_with_ignored float: Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
max_observed_cvss_v3score float: Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
max_observed_cvss_v3score_with_ignored float: Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
max_observed_severity str: Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
max_observed_severity_with_ignored str: Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
sources Sequence[GetVulnerabilityAuditSource]: Source that published the vulnerability
state str: The current lifecycle state of the vulnerability audit.
system_tags Mapping[str, str]: Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
time_created str: The creation date and time of the vulnerability audit (formatted according to RFC3339).
time_updated str: The update date and time of the vulnerability audit (formatted according to RFC3339).
usage_datas Sequence[GetVulnerabilityAuditUsageData]: The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set sourceType to objectStorageTuple and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.
vulnerabilities Sequence[GetVulnerabilityAuditVulnerability]: List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
vulnerability_audit_id str
vulnerable_artifacts_count int: Count of non-ignored vulnerable application dependencies.
vulnerable_artifacts_count_with_ignored int: Count of all vulnerable application dependencies.

applicationDependencies List<Property Map>
buildType String: The type of the build tool is restricted to only two values MAVEN or UNSET. Use UNSET when the list of application dependencies is not Maven-related or is a mix of Maven and other ecosystems. This option is soon to be deprecated.
compartmentId String: The compartment Oracle Cloud identifier (OCID) of the vulnerability audit.
configurations List<Property Map>: Configuration for a vulnerability audit. A vulnerable application dependency is ignored if its name does match any of the items in exclusions, or all of the associated Vulnerabilies have a CVSS v2 score below maxPermissibleCvssV2Score and a CVSS v3 score below maxPermissibleCvssV3Score. type: object
definedTags Map<String>: Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace.bar-key": "value"}
displayName String: The name of the vulnerability audit.
freeformTags Map<String>: Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"}
id String: Unique vulnerability identifier, e.g. CVE-1999-0067.
isSuccess Boolean: Indicates if an audit succeeded according to the configuration. The value is null if the audit is in the CREATING state.
knowledgeBaseId String: The Oracle Cloud identifier (OCID) of the knowledge base.
lifecycleDetails String: Details on the lifecycle state.
maxObservedCvssV2score Number: Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable application dependencies.
maxObservedCvssV2scoreWithIgnored Number: Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable application dependencies including ignored ones.
maxObservedCvssV3score Number: Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable application dependencies.
maxObservedCvssV3scoreWithIgnored Number: Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable application dependencies including ignored ones.
maxObservedSeverity String: Maximum ADM Severity observed for non-ignored vulnerable application dependencies.
maxObservedSeverityWithIgnored String: Maximum ADM Severity observed for vulnerable application dependencies including ignored ones.
sources List<Property Map>: Source that published the vulnerability
state String: The current lifecycle state of the vulnerability audit.
systemTags Map<String>: Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud.free-tier-retained": "true"}
timeCreated String: The creation date and time of the vulnerability audit (formatted according to RFC3339).
timeUpdated String: The update date and time of the vulnerability audit (formatted according to RFC3339).
usageDatas List<Property Map>: The source details of the usage data in object storage. The usage data file uploaded to object storage must be a gzip archive of the JSON usage data returned from the GraalVM native-image-inspect tool after a native-image build. Set sourceType to objectStorageTuple and use UsageDataViaObjectStorageTupleDetails when specifying the namespace, bucket name, and object name.
vulnerabilities List<Property Map>: List of vulnerabilities found in the vulnerability audit. If a vulnerability affects multiple dependencies, the metadata returned here consists of audit-wide aggregates.
vulnerabilityAuditId String
vulnerableArtifactsCount Number: Count of non-ignored vulnerable application dependencies.
vulnerableArtifactsCountWithIgnored Number: Count of all vulnerable application dependencies.

Supporting Types

GetVulnerabilityAuditApplicationDependency

ApplicationDependencyNodeIds List<string>
Gav string
NodeId string
Purl string

ApplicationDependencyNodeIds []string
Gav string
NodeId string
Purl string

applicationDependencyNodeIds List<String>
gav String
nodeId String
purl String

applicationDependencyNodeIds string[]
gav string
nodeId string
purl string

application_dependency_node_ids Sequence[str]
gav str
node_id str
purl str

applicationDependencyNodeIds List<String>
gav String
nodeId String
purl String

GetVulnerabilityAuditConfiguration

Exclusions List<string>: A vulnerable application dependency is ignored if its name matches any of the items in exclusions. An asterisk (*) in the dependency pattern acts as a wildcard and matches zero or more characters.
MaxPermissibleCvssV2score double: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
MaxPermissibleCvssV3score double: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
MaxPermissibleSeverity string: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleSeverity.

Exclusions []string: A vulnerable application dependency is ignored if its name matches any of the items in exclusions. An asterisk (*) in the dependency pattern acts as a wildcard and matches zero or more characters.
MaxPermissibleCvssV2score float64: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
MaxPermissibleCvssV3score float64: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
MaxPermissibleSeverity string: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleSeverity.

exclusions List<String>: A vulnerable application dependency is ignored if its name matches any of the items in exclusions. An asterisk (*) in the dependency pattern acts as a wildcard and matches zero or more characters.
maxPermissibleCvssV2score Double: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
maxPermissibleCvssV3score Double: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
maxPermissibleSeverity String: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleSeverity.

exclusions string[]: A vulnerable application dependency is ignored if its name matches any of the items in exclusions. An asterisk (*) in the dependency pattern acts as a wildcard and matches zero or more characters.
maxPermissibleCvssV2score number: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
maxPermissibleCvssV3score number: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
maxPermissibleSeverity string: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleSeverity.

exclusions Sequence[str]: A vulnerable application dependency is ignored if its name matches any of the items in exclusions. An asterisk (*) in the dependency pattern acts as a wildcard and matches zero or more characters.
max_permissible_cvss_v2score float: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
max_permissible_cvss_v3score float: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
max_permissible_severity str: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleSeverity.

exclusions List<String>: A vulnerable application dependency is ignored if its name matches any of the items in exclusions. An asterisk (*) in the dependency pattern acts as a wildcard and matches zero or more characters.
maxPermissibleCvssV2score Number: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
maxPermissibleCvssV3score Number: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleCvssV2Score and below maxPermissibleCvssV3Score.
maxPermissibleSeverity String: A vulnerable application dependency is ignored if the score of its associated Vulnerability is below maxPermissibleSeverity.

GetVulnerabilityAuditSource

Description string: Description of the external resource source.
OciResourceId string: The Oracle Cloud identifier (OCID) of the Oracle Cloud Infrastructure resource that triggered the vulnerability audit.
Type string: Source type of the vulnerability audit.

Description string: Description of the external resource source.
OciResourceId string: The Oracle Cloud identifier (OCID) of the Oracle Cloud Infrastructure resource that triggered the vulnerability audit.
Type string: Source type of the vulnerability audit.

description String: Description of the external resource source.
ociResourceId String: The Oracle Cloud identifier (OCID) of the Oracle Cloud Infrastructure resource that triggered the vulnerability audit.
type String: Source type of the vulnerability audit.

description string: Description of the external resource source.
ociResourceId string: The Oracle Cloud identifier (OCID) of the Oracle Cloud Infrastructure resource that triggered the vulnerability audit.
type string: Source type of the vulnerability audit.

description str: Description of the external resource source.
oci_resource_id str: The Oracle Cloud identifier (OCID) of the Oracle Cloud Infrastructure resource that triggered the vulnerability audit.
type str: Source type of the vulnerability audit.

description String: Description of the external resource source.
ociResourceId String: The Oracle Cloud identifier (OCID) of the Oracle Cloud Infrastructure resource that triggered the vulnerability audit.
type String: Source type of the vulnerability audit.

GetVulnerabilityAuditUsageData

Bucket string: The Object Storage bucket to read the usage data from.
Namespace string: The Object Storage namespace to read the usage data from.
Object string: The Object Storage object name to read the usage data from.
SourceType string: The destination type. Use objectStorageTuple when specifying the namespace, bucket name, and object name.

Bucket string: The Object Storage bucket to read the usage data from.
Namespace string: The Object Storage namespace to read the usage data from.
Object string: The Object Storage object name to read the usage data from.
SourceType string: The destination type. Use objectStorageTuple when specifying the namespace, bucket name, and object name.

bucket String: The Object Storage bucket to read the usage data from.
namespace String: The Object Storage namespace to read the usage data from.
object String: The Object Storage object name to read the usage data from.
sourceType String: The destination type. Use objectStorageTuple when specifying the namespace, bucket name, and object name.

bucket string: The Object Storage bucket to read the usage data from.
namespace string: The Object Storage namespace to read the usage data from.
object string: The Object Storage object name to read the usage data from.
sourceType string: The destination type. Use objectStorageTuple when specifying the namespace, bucket name, and object name.

bucket str: The Object Storage bucket to read the usage data from.
namespace str: The Object Storage namespace to read the usage data from.
object str: The Object Storage object name to read the usage data from.
source_type str: The destination type. Use objectStorageTuple when specifying the namespace, bucket name, and object name.

bucket String: The Object Storage bucket to read the usage data from.
namespace String: The Object Storage namespace to read the usage data from.
object String: The Object Storage object name to read the usage data from.
sourceType String: The destination type. Use objectStorageTuple when specifying the namespace, bucket name, and object name.

GetVulnerabilityAuditVulnerability

CvssV2score double: Common Vulnerability Scoring System (CVSS) Version 2.
CvssV3score double: Common Vulnerability Scoring System (CVSS) Version 3.
Id string: Unique vulnerability identifier, e.g. CVE-1999-0067.
IsFalsePositive bool: Indicates if the vulnerability is a false positive according to the usage data. If no usage data was provided or the service cannot infer usage of the vulnerable code then this property is null.
IsIgnored bool: Indicates if the vulnerability was ignored according to the audit configuration.
Severity string: ADM qualitative severity score. Can be either NONE, LOW, MEDIUM, HIGH or CRITICAL.
Source string: Source that published the vulnerability

CvssV2score float64: Common Vulnerability Scoring System (CVSS) Version 2.
CvssV3score float64: Common Vulnerability Scoring System (CVSS) Version 3.
Id string: Unique vulnerability identifier, e.g. CVE-1999-0067.
IsFalsePositive bool: Indicates if the vulnerability is a false positive according to the usage data. If no usage data was provided or the service cannot infer usage of the vulnerable code then this property is null.
IsIgnored bool: Indicates if the vulnerability was ignored according to the audit configuration.
Severity string: ADM qualitative severity score. Can be either NONE, LOW, MEDIUM, HIGH or CRITICAL.
Source string: Source that published the vulnerability

cvssV2score Double: Common Vulnerability Scoring System (CVSS) Version 2.
cvssV3score Double: Common Vulnerability Scoring System (CVSS) Version 3.
id String: Unique vulnerability identifier, e.g. CVE-1999-0067.
isFalsePositive Boolean: Indicates if the vulnerability is a false positive according to the usage data. If no usage data was provided or the service cannot infer usage of the vulnerable code then this property is null.
isIgnored Boolean: Indicates if the vulnerability was ignored according to the audit configuration.
severity String: ADM qualitative severity score. Can be either NONE, LOW, MEDIUM, HIGH or CRITICAL.
source String: Source that published the vulnerability

cvssV2score number: Common Vulnerability Scoring System (CVSS) Version 2.
cvssV3score number: Common Vulnerability Scoring System (CVSS) Version 3.
id string: Unique vulnerability identifier, e.g. CVE-1999-0067.
isFalsePositive boolean: Indicates if the vulnerability is a false positive according to the usage data. If no usage data was provided or the service cannot infer usage of the vulnerable code then this property is null.
isIgnored boolean: Indicates if the vulnerability was ignored according to the audit configuration.
severity string: ADM qualitative severity score. Can be either NONE, LOW, MEDIUM, HIGH or CRITICAL.
source string: Source that published the vulnerability

cvss_v2score float: Common Vulnerability Scoring System (CVSS) Version 2.
cvss_v3score float: Common Vulnerability Scoring System (CVSS) Version 3.
id str: Unique vulnerability identifier, e.g. CVE-1999-0067.
is_false_positive bool: Indicates if the vulnerability is a false positive according to the usage data. If no usage data was provided or the service cannot infer usage of the vulnerable code then this property is null.
is_ignored bool: Indicates if the vulnerability was ignored according to the audit configuration.
severity str: ADM qualitative severity score. Can be either NONE, LOW, MEDIUM, HIGH or CRITICAL.
source str: Source that published the vulnerability

cvssV2score Number: Common Vulnerability Scoring System (CVSS) Version 2.
cvssV3score Number: Common Vulnerability Scoring System (CVSS) Version 3.
id String: Unique vulnerability identifier, e.g. CVE-1999-0067.
isFalsePositive Boolean: Indicates if the vulnerability is a false positive according to the usage data. If no usage data was provided or the service cannot infer usage of the vulnerable code then this property is null.
isIgnored Boolean: Indicates if the vulnerability was ignored according to the audit configuration.
severity String: ADM qualitative severity score. Can be either NONE, LOW, MEDIUM, HIGH or CRITICAL.
source String: Source that published the vulnerability

Package Details

Repository: oci pulumi/pulumi-oci
License: Apache-2.0
Notes: This Pulumi package is based on the oci Terraform Provider.

Oracle Cloud Infrastructure v2.33.0 published on Thursday, May 1, 2025 by Pulumi

pulumi/pulumi-oci

oci.Adm.getVulnerabilityAudit

On this page

On this page

Example Usage

Using getVulnerabilityAudit

getVulnerabilityAudit Result

Supporting Types

GetVulnerabilityAuditApplicationDependency

GetVulnerabilityAuditConfiguration

GetVulnerabilityAuditSource

GetVulnerabilityAuditUsageData

GetVulnerabilityAuditVulnerability

Package Details

On this page

On this page