diff --git a/dojo/tools/neuvector/parser.py b/dojo/tools/neuvector/parser.py
index 0585e9306c..12a664d2b2 100644
--- a/dojo/tools/neuvector/parser.py
+++ b/dojo/tools/neuvector/parser.py
@@ -127,33 +127,34 @@ def get_item(vulnerability, test):
 def get_asset_item(vulnerability, test):
-    # there is nothing like short description, short name or title
-    title = vulnerability.get("name").upper()
-
     severity = (
         convert_severity(vulnerability.get("severity"))
         if "severity" in vulnerability
         else "Info"
     )
-    description = vulnerability.get("description", "")
+    description = vulnerability.get("description", "").strip()
     mitigation = ""
+    package_names = []
+
     packages = vulnerability.get("packages", {})
     if len(packages.values()) > 0:
-        mitigation += "update the affected packages to the following:\n"
-        description += "\nThe following packages are affected:\n"
+        mitigation += "
update the affected packages to the following versions:
" + description += "The following packages are affected:
" for package_name, package_versions in packages.items(): - mitigation += "{name}:\n".format(name=package_name) + package_names.append(package_name.split('/')[0]) + + mitigation += "{name}:
".format(name=package_name) - description += "{name}:\n".format(name=package_name) + description += "{name}:
".format(name=package_name) for versions in package_versions: - mitigation += " {fixed}\n".format(fixed=versions.get("fixed_version", "unknown")) + mitigation += "{fixed}
".format(fixed=versions.get("fixed_version", "unknown")) - description += " installed version: {installed}\n".format(installed=versions.get("package_version", "unknown")) - description += " fixed version: {fixed}\n".format(fixed=versions.get("fixed_version", "unknown")) + description += "installed version: {installed}
".format(installed=versions.get("package_version", "unknown")) + description += "fixed version: {fixed}
".format(fixed=versions.get("fixed_version", "unknown")) link = vulnerability.get("link") if "link" in vulnerability else "" @@ -165,6 +166,13 @@ def get_asset_item(vulnerability, test): vulnerability_id = vulnerability.get("name") + # there is nothing like short description, short name or title + package_names_combined = ','.join(sorted(set(package_names), key=str)) + if len(package_names_combined) > 32: + package_names_combined = package_names_combined[-32:] + + title = "{packages}: ({vuln})".format(packages=package_names_combined, vuln=vulnerability.get("name").upper()) + # create the finding object finding = Finding( title=title,