🐛 fix trivy parser cvss score severity discrepance #9092 #9114
DryRunSecurity / AI-powered Sensitive Function Check
succeeded
Dec 5, 2023 in 0s
Code Analysis
# DryRun Security AI-Powered Sensitive Function Check
Detected a total of 4 potentially sensitive functions.
Names:
convert_cvss_score, get_result_items, convert_cvss_score, test_issue_9092
Annotations
Check warning on line 68 in dojo/tools/trivy/parser.py
Possible Sensitive Function
Our AI-Powered Sensitive Function checker believes it has discovered
a sensitive function being modified in this PR. The name of the function
is `convert_cvss_score`. Extra care must be taken when modifying a
function that is potentially security-sensitive. The following reason was
provided for why this function was flagged as sensitive:
The function name contains 'cvss' which indicates it is related to authentication or authorization.
Check warning on line 161 in dojo/tools/trivy/parser.py
Possible Sensitive Function
Our AI-Powered Sensitive Function checker believes it has discovered
a sensitive function being modified in this PR. The name of the function
is `get_result_items`. Extra care must be taken when modifying a
function that is potentially security-sensitive. The following reason was
provided for why this function was flagged as sensitive:
The function name contains 'severity', 'cvss', and 'finding' which indicates it is related to authentication or authorization.
Check warning on line 24 in unittests/scans/trivy/issue_9092.json
Possible Sensitive Function
Our AI-Powered Sensitive Function checker believes it has discovered
a sensitive function being modified in this PR. The name of the function
is `convert_cvss_score`. Extra care must be taken when modifying a
function that is potentially security-sensitive. The following reason was
provided for why this function was flagged as sensitive:
The function name contains 'cvss' which indicates it is related to authentication or authorization.
Check warning on line 217 in unittests/tools/test_trivy_parser.py
Possible Sensitive Function
Our AI-Powered Sensitive Function checker believes it has discovered
a sensitive function being modified in this PR. The name of the function
is `test_issue_9092`. Extra care must be taken when modifying a
function that is potentially security-sensitive. The following reason was
provided for why this function was flagged as sensitive:
The function name contains 'test' which indicates it is related to authentication or authorization.