🎉 update for snyk parser: added epss score import

DefectDojo · Feb 12, 2024 · 9b55262 · 9b55262
1 parent 7124335
commit 9b55262
Show file tree

Hide file tree

Showing 3 changed files with 1,468 additions and 0 deletions.
diff --git a/dojo/tools/snyk/parser.py b/dojo/tools/snyk/parser.py
@@ -144,6 +144,10 @@ def get_item(self, vulnerability, test, target_file=None, upgrades=None):
         if vulnerability.get("CVSSv3"):
             finding.cvssv3 = CVSS3(vulnerability["CVSSv3"]).clean_vector()
 
+        if vulnerability.get("epssDetails") is not None:
+            finding.epss_score = vulnerability["epssDetails"]["probability"]
+            finding.epss_percentile = vulnerability["epssDetails"]["percentile"]
+
         # manage CVE and CWE with idnitifiers
         cwe_references = ""
         if "identifiers" in vulnerability: