add epss to generic csv with test

DefectDojo · Dec 20, 2024 · 8c6edd1 · 8c6edd1
1 parent 7f7803a
commit 8c6edd1
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 0 deletions.
diff --git a/dojo/tools/generic/csv_parser.py b/dojo/tools/generic/csv_parser.py
@@ -66,6 +66,12 @@ def _get_findings_csv(self, filename):
             if "CweId" in row:
                 finding.cwe = int(row["CweId"])
 
+            if "epss_score" in row:
+                finding.epss_score = float(row["epss_score"])
+
+            if "epss_percentile" in row:
+                finding.epss_percentile = float(row["epss_percentile"])
+
             if "CVSSV3" in row:
                 cvss_objects = cvss_parser.parse_cvss_from_text(row["CVSSV3"])
                 if len(cvss_objects) > 0:

diff --git a/unittests/scans/generic/generic_csv_with_epss.csv b/unittests/scans/generic/generic_csv_with_epss.csv
@@ -0,0 +1,2 @@
+Date,Title,CweId,epss_score,epss_percentile, Url,Severity,Description,Mitigation,Impact,References,Active,Verified,FalsePositive,Duplicate
+01/30/2018,"Server leaks inodes via ETags, header found with file /, fields: 0xW/109b 0xpqG8TolgxCnpM/7cGOOI0GRS+rc ",0,.00042,.23474,https://192.168.1.1/,Low,"Server leaks inodes via ETags, header found with file /, fields: 0xW/109b 0xpqG8TolgxCnpM/7cGOOI0GRS+rc ",,,,False,False,False,False
diff --git a/unittests/tools/test_generic_parser.py b/unittests/tools/test_generic_parser.py
@@ -649,3 +649,12 @@ def test_parse_json_invalid_finding(self):
             with self.assertRaisesMessage(ValueError,
                     "Not allowed fields are present: ['invalid_field', 'last_status_update']"):
                 parser.get_findings(file, Test())
+
+    def test_parse_csv_with_epss(self):
+        with open("unittests/scans/generic/generic_csv_with_epss.csv", encoding="utf-8") as file:
+            parser = GenericParser()
+            findings = parser.get_findings(file, self.test)
+            self.assertEqual(1, len(findings))
+            finding = findings[0]
+            self.assertEqual(.00042, finding.epss_score)
+            self.assertEqual(.23474, finding.epss_percentile)
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		Date,Title,CweId,epss_score,epss_percentile, Url,Severity,Description,Mitigation,Impact,References,Active,Verified,FalsePositive,Duplicate
		01/30/2018,"Server leaks inodes via ETags, header found with file /, fields: 0xW/109b 0xpqG8TolgxCnpM/7cGOOI0GRS+rc ",0,.00042,.23474,https://192.168.1.1/,Low,"Server leaks inodes via ETags, header found with file /, fields: 0xW/109b 0xpqG8TolgxCnpM/7cGOOI0GRS+rc ",,,,False,False,False,False