fixup! Fix handling of triage data

r-vdp · r-vdp · commit 7ce4c0369090 · 2024-06-05T20:29:41.000+02:00
diff --git a/cve_bin_tool/cve_scanner.py b/cve_bin_tool/cve_scanner.py
@@ -302,9 +302,22 @@ def get_cves(self, product_info: ProductInfo, triage_data: TriageData):
                         # or it is trivial (newly found cve)
                         not cve.remarks or cve.remarks == Remarks.NewFound
                     ):
-                        for key in ["remarks", "comments", "response", "justification"]:
+                        for key in [
+                            "remarks",
+                            "comments",
+                            "response",
+                            "justification",
+                            "severity",
+                        ]:
                             data = triage.get(key)
                             if data:
+                                if (
+                                    key == "severity"
+                                    and self.check_exploits
+                                    and row_dict["cve_number"] in self.exploits_list
+                                ):
+                                    data += "-EXPLOIT"
+
                                 self.logger.debug(f"Setting field {key} to: {data}")
                                 cve = cve._replace(**{key: data})
 
