fix(sca): handling unknown severity (#6055)

* fix unknown severity * warning * print the vulnerabilities-details --------- Co-authored-by: ipeleg <[email protected]>
bridgecrewio · Feb 28, 2024 · 5425dfb · 5425dfb
1 parent 1f21771
commit 5425dfb
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/checkov/common/sca/output.py b/checkov/common/sca/output.py
@@ -182,9 +182,15 @@ def create_report_cve_record(
     package_type = get_package_type(package_name, package_version, sca_details)
     cve_id = vulnerability_details.get("id", vulnerability_details.get("cveId", '')).upper()
     severity = vulnerability_details.get("severity", DEFAULT_SEVERITY)
+
     # sanitize severity names
     if severity == "moderate":
         severity = "medium"
+    if severity.upper() not in Severities:
+        logging.warning(f"unknown severity - severity '{severity}' is unknown. using the DEFAULT_SEVERITY: '{DEFAULT_SEVERITY}' instead. "
+                        f"vulnerabilities-details: {vulnerability_details}")
+        severity = DEFAULT_SEVERITY
+
     description = vulnerability_details.get("description")
 
     check_result: _CheckResult = {