diff --git a/dojo/tools/neuvector/parser.py b/dojo/tools/neuvector/parser.py
index 2330b87f3a..9ce1a6932e 100644
--- a/dojo/tools/neuvector/parser.py
+++ b/dojo/tools/neuvector/parser.py
@@ -127,6 +127,9 @@ def get_item(vulnerability, test):
 def get_asset_item(vulnerability, test):
+ # there is nothing like short description, short name or title
+ title = vulnerability.get("name").upper()
+
 severity = (
 convert_severity(vulnerability.get("severity"))
 if "severity" in vulnerability
@@ -142,9 +145,15 @@ def get_asset_item(vulnerability, test):
 mitigation += "update the affected packages to the following:\n"
 description += "\nThe following packages are affected:\n"
- for package_name, package_version in packages.items():
- mitigation += "{name}: {version}".format(name=package_name, version=package_version)
- description += "{name}: {version}".format(name=package_name, version=package_version)
+ for package_name, package_versions in packages.items():
+ mitigation += "{name}:\n".format(name=package_name)
+
+ description += "{name}:\n".format(name=package_name)
+ for versions in package_versions:
+ mitigation += " {fixed}\n".format(fixed=versions.get("fixed_version", "unknown"))
+
+ description += " installed version: {installed}\n".format(installed=versions.get("package_version", "unknown"))
+ description += " fixed version: {fixed}\n".format(fixed=versions.get("fixed_version", "unknown"))
 link = vulnerability.get("link") if "link" in vulnerability else ""
@@ -158,7 +167,7 @@ def get_asset_item(vulnerability, test):
 # create the finding object
 finding = Finding(
- title=vulnerability.get("name"),
+ title=title,
 test=test,
 description=description,
 severity=severity,
@@ -170,8 +179,7 @@ def get_asset_item(vulnerability, test):
 publish_date=published,
 )
- if vulnerability_id:
- finding.unsaved_vulnerability_ids = vulnerability_id
+ finding.unsaved_vulnerability_ids.append(vulnerability_id)
 finding.unsaved_endpoints = []
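Review bot: `vulnerability.get("name").upper()` at the top of get_asset_item raises AttributeError when a report entry has no `name` key, because `.get` returns None there. A single malformed entry in an uploaded scan report would then abort the whole import instead of producing a finding. The lines just below already guard `severity` with `"severity" in vulnerability`, so the title deserves the same treatment, for example `title = (vulnerability.get("name") or "unknown").upper()`. The function body continues outside this hunk.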
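Review bot: The inner loop `for versions in package_versions:` assumes every value in `packages` is a list of dicts, whereas the removed code formatted that same value as a single version. If any report still carries a plain string there, the loop walks it character by character and `versions.get(...)` raises AttributeError. The report is external input, so check the shape before iterating, e.g. `if not isinstance(package_versions, list): package_versions = []`, and decide whether such an entry should be logged rather than dropped silently. Each iteration handles one entry, so `version_info` would read more clearly than `versions`. The enclosing block starts outside this hunk.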
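Review bot: Removing the `if vulnerability_id:` guard means an empty or None id is now appended, so the finding can end up with a meaningless entry in `unsaved_vulnerability_ids` that later id matching has to cope with. `vulnerability_id` is assigned outside this hunk, so whether it can be empty is not visible here, but the removed guard suggests it can. Keep the guard around the new call: `if vulnerability_id:` followed by `finding.unsaved_vulnerability_ids.append(vulnerability_id)`. The append also relies on Finding initialising that attribute to a list, which this diff does not show.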