fix: EPSS reporting inconsistent #3461
Description
Description
There is inconsistency in the reporting of the EPSS metrics.
EPSS probability is reported as a value between 0 and 100 whereas the EPSS percentile is reported as a value between 0 and 1.
To reproduce
Run any scan.
Expected behaviour: EPSS Probability and EPSS percentile value in range 0-1 (for consistency with other tools reporting EPSS metrics)
Actual behaviour: EPSS probability value between 0 and 100, EPSS percentile value between 0 and 1
Version/platform info
Version of CVE-bin-tool( e.g. output of cve-bin-tool --version): Latest dev build 3.2.2dev0
Installed from pypi or github? github
Operating system: Linux/Windows (other platforms are unsupported but feel free to report issues anyhow) Linux (Debian)
- On Linux (or Windows Subsystem for Linux) you can run
uname -a - On Windows you can run
systeminfo | findstr /B /C:"OS Name" /C:"OS Version"
Python version (e.g.python3 --version): 3.10.8
Running in any particular CI environment we should know about? (e.g. Github Actions) N/A
Anything else?
Feel free to add any other context here.