Wallarm · Schema

Wallarm Vulnerability

Schema for a vulnerability detected by Wallarm active security testing.

API SecuritySecurity TestingWAFCybersecurity

Properties

Name Type Description
id integer Unique vulnerability identifier
type string Vulnerability type
status string Current vulnerability status
severity string Vulnerability severity rating
domain string Affected domain
path string Affected URL path
method string HTTP method
parameter string Vulnerable parameter name
description string Human-readable vulnerability description
discovered integer Unix timestamp when vulnerability was first discovered
fixed_at integernull Unix timestamp when vulnerability was marked as fixed
View JSON Schema on GitHub

JSON Schema

wallarm-vulnerability-schema.json Raw ↑ 
{
  "$schema": "http://json-schema.org/draft-07/schema#",
  "$id": "https://github.com/api-evangelist/wallarm/blob/main/json-schema/wallarm-vulnerability-schema.json",
  "title": "Wallarm Vulnerability",
  "description": "Schema for a vulnerability detected by Wallarm active security testing.",
  "type": "object",
  "properties": {
    "id": {
      "type": "integer",
      "description": "Unique vulnerability identifier"
    },
    "type": {
      "type": "string",
      "description": "Vulnerability type",
      "enum": ["sqli", "xss", "rce", "lfi", "ptrav", "crlf", "redir", "nosqli", "xxe", "ssrf"]
    },
    "status": {
      "type": "string",
      "description": "Current vulnerability status",
      "enum": ["active", "fixed", "false_positive"]
    },
    "severity": {
      "type": "string",
      "description": "Vulnerability severity rating",
      "enum": ["critical", "high", "medium", "low"]
    },
    "domain": {
      "type": "string",
      "description": "Affected domain"
    },
    "path": {
      "type": "string",
      "description": "Affected URL path"
    },
    "method": {
      "type": "string",
      "description": "HTTP method",
      "enum": ["GET", "POST", "PUT", "PATCH", "DELETE", "HEAD", "OPTIONS"]
    },
    "parameter": {
      "type": "string",
      "description": "Vulnerable parameter name"
    },
    "description": {
      "type": "string",
      "description": "Human-readable vulnerability description"
    },
    "discovered": {
      "type": "integer",
      "description": "Unix timestamp when vulnerability was first discovered"
    },
    "fixed_at": {
      "type": ["integer", "null"],
      "description": "Unix timestamp when vulnerability was marked as fixed"
    }
  },
  "required": ["id", "type", "status", "severity"]
}