From e53c80bb13e06d5c40a3c3fc84191bc67f4797ed Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Quirin=20Zie=C3=9Fler?= <19915467+quirinziessler@users.noreply.github.com>
Date: Sun, 11 Feb 2024 16:06:37 +0100
Subject: [PATCH 1/3] :tada: epss score for AWS SecHub

---
 dojo/tools/awssecurityhub/parser.py | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/dojo/tools/awssecurityhub/parser.py b/dojo/tools/awssecurityhub/parser.py
index 252c4c5a237..05f7f784ea0 100644
--- a/dojo/tools/awssecurityhub/parser.py
+++ b/dojo/tools/awssecurityhub/parser.py
@@ -122,6 +122,9 @@ def get_item(finding: dict, test):
         references.append(remediation_rec_url)
     false_p = False
 
+    if finding.get("Vulnerabilities", []).get("EpssScore") is not None:
+        epss_score = float(finding.get("Vulnerabilities", []).get("EpssScore"))
+
     result = Finding(
         title=f"{title}{title_suffix}",
         test=test,
@@ -140,6 +143,10 @@ def get_item(finding: dict, test):
         dynamic_finding=False,
         component_name=component_name,
     )
+
+    if epss_score:
+        result.epss_score = epss_score
+
     # Add the unsaved vulnerability ids
     result.unsaved_vulnerability_ids = unsaved_vulnerability_ids

From 39c58f946e210f18cea6c14f1c71e9d382df60ce Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Quirin=20Zie=C3=9Fler?=
Date: Mon, 12 Feb 2024 16:56:28 +0100
Subject: [PATCH 2/3] :tada: adjusted aws sechub parser to import inspector epss scores

---
 dojo/tools/awssecurityhub/parser.py | 8 ++++----
 unittests/tools/test_awssecurityhub_parser.py | 1 +
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/dojo/tools/awssecurityhub/parser.py b/dojo/tools/awssecurityhub/parser.py
index 05f7f784ea0..dd5e30595e1 100644
--- a/dojo/tools/awssecurityhub/parser.py
+++ b/dojo/tools/awssecurityhub/parser.py
@@ -47,6 +47,7 @@ def get_item(finding: dict, test):
     impact = []
     references = []
     unsaved_vulnerability_ids = []
+    epss_score = None
     if aws_scanner_type == "Inspector":
         description = f"This is an Inspector Finding\n{finding.get('Description', '')}"
         vulnerabilities = finding.get("Vulnerabilities", [])
@@ -66,6 +67,8 @@ def get_item(finding: dict, test):
             if vendor := vulnerability.get("Vendor"):
                 if vendor_url := vendor.get("Url"):
                     references.append(vendor_url)
+            if vulnerability.get("EpssScore") != None:
+                epss_score = vulnerability.get("EpssScore")
 
         if finding.get("ProductFields", {}).get("aws/inspector/FindingStatus", "ACTIVE") == "ACTIVE":
             mitigated = None
@@ -122,9 +125,6 @@ def get_item(finding: dict, test):
         references.append(remediation_rec_url)
     false_p = False
 
-    if finding.get("Vulnerabilities", []).get("EpssScore") is not None:
-        epss_score = float(finding.get("Vulnerabilities", []).get("EpssScore"))
-
     result = Finding(
         title=f"{title}{title_suffix}",
         test=test,
@@ -144,7 +144,7 @@ def get_item(finding: dict, test):
         component_name=component_name,
     )
 
-    if epss_score:
+    if epss_score != None:
         result.epss_score = epss_score
 
     # Add the unsaved vulnerability ids
diff --git a/unittests/tools/test_awssecurityhub_parser.py b/unittests/tools/test_awssecurityhub_parser.py
index 6dd78605fd5..23a2796e837 100644
--- a/unittests/tools/test_awssecurityhub_parser.py
+++ b/unittests/tools/test_awssecurityhub_parser.py
@@ -101,3 +101,4 @@ def test_inspector_ecr(self):
         self.assertEqual("CVE-2023-2650 - openssl - Image: repo-os/sha256:af965ef68c78374a5f987fce98c0ddfa45801df2395bf012c50b863e65978d74", finding.title)
         self.assertIn("repo-os/sha256:af965ef68c78374a5f987fce98c0ddfa45801df2395bf012c50b863e65978d74", finding.impact)
         self.assertIn("Repository: repo-os", finding.impact)
+        self.assertEqual(0.0014, finding.epss_score)

From 6ae2d6491d538e271d030e89ef31efbdace4cedd Mon Sep 17 00:00:00 2001
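Review bot: The new `epss_score = vulnerability.get("EpssScore")` in the `@@ -66` hunk sits inside what appears to be the per-vulnerability loop (the `for` header is outside the hunk), so a finding that carries several `Vulnerabilities` entries ends up with the score of the last entry that has one, which is not necessarily the highest. PATCH 1/3 coerced the value with `float(...)`; this rewrite stores whatever the feed supplies, so a non-numeric or out-of-range value would reach the model unchecked. Make the aggregation rule explicit and coerce, e.g. `if (score := vulnerability.get("EpssScore")) is not None:` followed by `epss_score = max(epss_score or 0.0, float(score))`, with a one-line comment stating that the highest EPSS across the finding's CVEs is kept (or whichever rule is intended). PATCH 3/3's `@@ -67` hunk rewrites the same two lines and would carry the same change.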
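Review bot: `self.assertEqual(0.0014, finding.epss_score)` covers only the path where an Inspector finding supplies `EpssScore`; nothing exercises the branch guarded by the new `epss_score is not None` check, i.e. a finding without the key or a non-Inspector finding. Adding `self.assertIsNone(finding.epss_score)` to one of the existing non-Inspector tests (assuming the model field defaults to None — verify) would pin both branches. The expected value 0.0014 presumably comes from the fixture file, which is not visible in this patch.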
From: =?UTF-8?q?Quirin=20Zie=C3=9Fler?=
Date: Mon, 12 Feb 2024 16:58:59 +0100
Subject: [PATCH 3/3] flake8

---
 dojo/tools/awssecurityhub/parser.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/dojo/tools/awssecurityhub/parser.py b/dojo/tools/awssecurityhub/parser.py
index dd5e30595e1..3c993ac41fb 100644
--- a/dojo/tools/awssecurityhub/parser.py
+++ b/dojo/tools/awssecurityhub/parser.py
@@ -67,7 +67,7 @@ def get_item(finding: dict, test):
             if vendor := vulnerability.get("Vendor"):
                 if vendor_url := vendor.get("Url"):
                     references.append(vendor_url)
-            if vulnerability.get("EpssScore") != None:
+            if vulnerability.get("EpssScore") is not None:
                 epss_score = vulnerability.get("EpssScore")
 
         if finding.get("ProductFields", {}).get("aws/inspector/FindingStatus", "ACTIVE") == "ACTIVE":
@@ -144,7 +144,7 @@ def get_item(finding: dict, test):
         component_name=component_name,
     )
 
-    if epss_score != None:
+    if epss_score is not None:
         result.epss_score = epss_score
 
     # Add the unsaved vulnerability ids