Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: Support Additional Metadata + CVSS Score Logic Update #2199

Open
wants to merge 9 commits into
base: main
Choose a base branch
from
Open

feat: Support Additional Metadata + CVSS Score Logic Update #2199

Changes from 1 commit
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
c25e5b8
init commit
Hacks4Snacks Jul 12, 2024
017a416
update static
Hacks4Snacks Jul 12, 2024
4c35f12
only return cvss if source matches else nil
Hacks4Snacks Jul 12, 2024
6b5e4df
update match logic + type conversion
Hacks4Snacks Jul 22, 2024
d92f973
update logic
Hacks4Snacks Jul 23, 2024
389e8b4
update TestGetScoreFromCVSS test
Hacks4Snacks Jul 23, 2024
f7eefb0
update docs
Hacks4Snacks Jul 23, 2024
aea8e4f
mage generations
Hacks4Snacks Jul 25, 2024
681f71e
check for nil values + update test
Jul 25, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
only return cvss if source matches else nil
  • Loading branch information
@Hacks4Snacks
Hacks4Snacks authored and hacks4snacks committed Jul 23, 2024
commit 4c35f128715adb3836a971d3ecc7863adb8c6a64
21 changes: 5 additions & 16 deletions pkg/vulnerabilityreport/io.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -160,7 +160,7 @@ func GetVulnerabilitiesFromScanResult(report ty.Result, addFields AdditionalFiel
Title: sr.Title,
PrimaryLink: sr.PrimaryURL,
Links: []string{},
Score: GetScoreFromCVSS(GetCvssV3(sr.CVSS)),
Score: GetScoreFromCVSS(GetCvssV3(sr.CVSS), sr.SeveritySource),
}

if addFields.Description {
Expand Down Expand Up @@ -206,22 +206,11 @@ func GetCvssV3(findingCvss types.VendorCVSS) map[string]*CVSS {
return cvssV3
}

func GetScoreFromCVSS(cvsss map[string]*CVSS) *float64 {
var nvdScore, vendorScore *float64

for name, cvss := range cvsss {
if name == "nvd" {
nvdScore = cvss.V3Score
} else {
vendorScore = cvss.V3Score
}
}

if nvdScore != nil {
return nvdScore
func GetScoreFromCVSS(cvsss map[string]*CVSS, severitySource string) *float64 {
if score, exists := cvsss[severitySource]; exists {
return score.V3Score
}

return vendorScore
return nil
}

type CVSS struct {
Expand Down