From 5425dfb899186066e543a3f555bc26f4ded6ed34 Mon Sep 17 00:00:00 2001
From: itai1357 <44339653+itai1357@users.noreply.github.com>
Date: Wed, 28 Feb 2024 16:15:01 +0200
Subject: [PATCH] fix(sca): handling unknown severity (#6055)

* fix unknown severity
* warning
* print the vulnerabilities-details

---------

Co-authored-by: ipeleg
---
 checkov/common/sca/output.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/checkov/common/sca/output.py b/checkov/common/sca/output.py
index 41bf0588cff..7c53364f51b 100644
--- a/checkov/common/sca/output.py
+++ b/checkov/common/sca/output.py
@@ -182,9 +182,15 @@ def create_report_cve_record(
     package_type = get_package_type(package_name, package_version, sca_details)
     cve_id = vulnerability_details.get("id", vulnerability_details.get("cveId", '')).upper()
     severity = vulnerability_details.get("severity", DEFAULT_SEVERITY)
+    # sanitize severity names
     if severity == "moderate":
         severity = "medium"
+    if severity.upper() not in Severities:
+        logging.warning(f"unknown severity - severity '{severity}' is unknown. using the DEFAULT_SEVERITY: '{DEFAULT_SEVERITY}' instead. "
+                        f"vulnerabilities-details: {vulnerability_details}")
+        severity = DEFAULT_SEVERITY
+
     description = vulnerability_details.get("description")
     check_result: _CheckResult = {
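Review bot: `severity.upper()` on the new `if severity.upper() not in Severities:` line assumes the value is a string, but `vulnerability_details.get("severity", DEFAULT_SEVERITY)` only falls back when the key is absent — a present key holding null or a number (scanner output is external data) raises AttributeError before the sanitizing path is reached, so `if not isinstance(severity, str) or severity.upper() not in Severities:` would send those cases to the same fallback. The warning builds its message with f-strings, which formats the whole `vulnerability_details` dict even when WARNING is filtered and puts that record inside the format string; the lazy form `logging.warning("unknown severity %r, using DEFAULT_SEVERITY %r instead; vulnerability details: %s", severity, DEFAULT_SEVERITY, vulnerability_details)` avoids both. Whether `Severities` is keyed by upper-case names is not visible in the hunk, so the membership test is taken as correct as written. The body of create_report_cve_record starts and ends outside the hunk.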