Vulnerability Detection Method Based on Structured Text and Code Metrics
    Abstract:

    Most current source code vulnerability detection methods rely on only a single feature, and this single-dimensional characterization makes them inefficient. To address this, a vulnerability detection method based on structured text and code metrics is proposed to detect vulnerabilities at function-level granularity. The method uses the structured text information of the source code and its code metrics as features. A self-attention based neural network captures long-term dependencies in the structured text information, fits the relationship between the structured text and the existence of vulnerabilities, and translates it into a probability of vulnerability. A deep neural network learns the characteristics of the code metric results, fits the relationship between the code metrics and the existence of vulnerabilities, and transforms the fitted result into a probability of vulnerability. A Support Vector Machine (SVM) then classifies the vulnerability probabilities obtained from these two representations to produce the final vulnerability detection result. To verify the vulnerability detection performance of this method, 11 source code samples with different types of vulnerabilities are tested. The average detection accuracy of this method for each vulnerability is 97.96%. Compared with existing vulnerability detection methods based on a single representation, this method improves detection accuracy by 4.89%~12.21%, and at the same time, the false positive and false negative rates of this method are kept within 10%.

History
  • Online: May 13,2022