nancy: migrate from cve to unsaved_vulnerability_ids (#9834)

DefectDojo · Apr 8, 2024 · 2060466 · 2060466
1 parent 69bc02b
commit 2060466
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 1 deletion.
diff --git a/dojo/tools/nancy/parser.py b/dojo/tools/nancy/parser.py
@@ -63,7 +63,6 @@ def get_items(self, vulnerable, test):
                         static_finding=True,
                         dynamic_finding=False,
                         vuln_id_from_tool=associated_vuln["Id"],
-                        cve=associated_vuln['Cve'],
                         references="\n".join(references),
                     )
 

diff --git a/unittests/tools/test_nancy_parser.py b/unittests/tools/test_nancy_parser.py
@@ -23,6 +23,8 @@ def test_nancy_parser_with_one_vuln_has_one_findings(self):
             self.assertEqual('Info', finding.severity)
             self.assertIsNotNone(finding.description)
             self.assertGreater(len(finding.description), 0)
+            self.assertEqual(None, finding.cve)
+            self.assertEqual("CVE-2017-1000070", finding.unsaved_vulnerability_ids[0])
             self.assertEqual("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", finding.cvssv3)
 
     def test_nancy_plus_parser_with_many_vuln_has_many_findings(self):