CVSS field of Vulnerability is not parsed
Summary
Support for CVSS field is added to dependency scanning report as the part of Update Gemnasium dependency scanner to emit a r... (#422033 - closed). Although the parser is not parsing the cvss
due to name mismatch, hence cvss
field of vulnerability model is not populated.
Steps to reproduce
- Run the dependency scanning job.
- Check that the output JSON report has
cvss
field. - Go to rails console and check the corresponding vulnerability with cvss field in JSON. The db record will show cvss as empty array.
Example Project
Any project with dependency scanning will do. Can be tested with example project too.
What is the expected correct behavior?
- Vulnerability db record should have
cvss
field populated upon completion of job.