# Vulnerability
<a name="API_Vulnerability"></a>

Contains details about a specific vulnerability Amazon Inspector can detect.

## Contents
<a name="API_Vulnerability_Contents"></a>

 ** id **   <a name="inspector2-Type-Vulnerability-id"></a>
The ID for the specific vulnerability.  
Type: String  
Length Constraints: Minimum length of 1.  
Required: Yes

 ** atigData **   <a name="inspector2-Type-Vulnerability-atigData"></a>
An object that contains information about the Amazon Web Services Threat Intel Group (ATIG) details for the vulnerability.  
Type: [AtigData](API_AtigData.md) object  
Required: No

 ** cisaData **   <a name="inspector2-Type-Vulnerability-cisaData"></a>
An object that contains the Cybersecurity and Infrastructure Security Agency (CISA) details for the vulnerability.  
Type: [CisaData](API_CisaData.md) object  
Required: No

 ** cvss2 **   <a name="inspector2-Type-Vulnerability-cvss2"></a>
An object that contains the Common Vulnerability Scoring System (CVSS) Version 2 details for the vulnerability.  
Type: [Cvss2](API_Cvss2.md) object  
Required: No

 ** cvss3 **   <a name="inspector2-Type-Vulnerability-cvss3"></a>
An object that contains the Common Vulnerability Scoring System (CVSS) Version 3 details for the vulnerability.  
Type: [Cvss3](API_Cvss3.md) object  
Required: No

 ** cvss4 **   <a name="inspector2-Type-Vulnerability-cvss4"></a>
An object that contains the Common Vulnerability Scoring System (CVSS) Version 4 details for the vulnerability.  
Type: [Cvss4](API_Cvss4.md) object  
Required: No

 ** cwes **   <a name="inspector2-Type-Vulnerability-cwes"></a>
The Common Weakness Enumeration (CWE) associated with the vulnerability.  
Type: Array of strings  
Array Members: Minimum number of 0 items.  
Length Constraints: Minimum length of 0.  
Required: No

 ** description **   <a name="inspector2-Type-Vulnerability-description"></a>
A description of the vulnerability.  
Type: String  
Required: No

 ** detectionPlatforms **   <a name="inspector2-Type-Vulnerability-detectionPlatforms"></a>
Platforms that the vulnerability can be detected on.  
Type: Array of strings  
Array Members: Minimum number of 0 items. Maximum number of 100 items.  
Length Constraints: Minimum length of 1.  
Required: No

 ** epss **   <a name="inspector2-Type-Vulnerability-epss"></a>
An object that contains the Exploit Prediction Scoring System (EPSS) score for a vulnerability.  
Type: [Epss](API_Epss.md) object  
Required: No

 ** exploitObserved **   <a name="inspector2-Type-Vulnerability-exploitObserved"></a>
An object that contains details on when the exploit was observed.  
Type: [ExploitObserved](API_ExploitObserved.md) object  
Required: No

 ** referenceUrls **   <a name="inspector2-Type-Vulnerability-referenceUrls"></a>
Links to various resources with more information on this vulnerability.   
Type: Array of strings  
Array Members: Minimum number of 0 items. Maximum number of 100 items.  
Length Constraints: Minimum length of 0.  
Required: No

 ** relatedVulnerabilities **   <a name="inspector2-Type-Vulnerability-relatedVulnerabilities"></a>
A list of related vulnerabilities.  
Type: Array of strings  
Array Members: Minimum number of 0 items. Maximum number of 100 items.  
Length Constraints: Minimum length of 0.  
Required: No

 ** source **   <a name="inspector2-Type-Vulnerability-source"></a>
The source of the vulnerability information. Possible results are `RHEL`, `AMAZON_CVE`, `DEBIAN` or `NVD`.  
Type: String  
Valid Values: `NVD`   
Required: No

 ** sourceUrl **   <a name="inspector2-Type-Vulnerability-sourceUrl"></a>
A link to the official source material for this vulnerability.  
Type: String  
Length Constraints: Minimum length of 0.  
Required: No

 ** vendorCreatedAt **   <a name="inspector2-Type-Vulnerability-vendorCreatedAt"></a>
The date and time when the vendor created this vulnerability.  
Type: Timestamp  
Required: No

 ** vendorSeverity **   <a name="inspector2-Type-Vulnerability-vendorSeverity"></a>
The severity assigned by the vendor.  
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 64.  
Required: No

 ** vendorUpdatedAt **   <a name="inspector2-Type-Vulnerability-vendorUpdatedAt"></a>
The date and time when the vendor last updated this vulnerability.  
Type: Timestamp  
Required: No

## See Also
<a name="API_Vulnerability_SeeAlso"></a>

For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/inspector2-2020-06-08/Vulnerability) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/inspector2-2020-06-08/Vulnerability) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/inspector2-2020-06-08/Vulnerability)