Accommodate updated parse_cvss_data return format

Author: Maffooch

dojo/tools/dependency_check/parser.py

@@ -234,8 +234,8 @@ def get_severity_and_cvss_meta(self, vulnerability, namespace) -> dict:
                 version = cvssv3_node.findtext("version") or "3.1"
                 vector = f"CVSS:{version}/" + "/".join(vector_parts)
                 if cvss_data := parse_cvss_data(vector):
-                    cvssv3 = cvss_data.get("vector")
-                    cvssv3_score = cvss_data.get("score")
+                    cvssv3 = cvss_data.get("cvssv3")
+                    cvssv3_score = cvss_data.get("cvssv3_score")
                     severity = cvss_data.get("severity")
             except Exception as e:
                 # Only log the error - there is not much we can do to recover from this

dojo/tools/trivy/parser.py

@@ -263,8 +263,8 @@ def get_result_items(self, test, results, service_name=None, artifact_name=""):
                     # Parse the CVSS class if it is not None
                     if cvssclass is not None:
                         if cvss_data := parse_cvss_data(cvssclass.get("V3Vector", "")):
-                            cvssv3 = cvss_data.get("vector")
-                            cvssv3_score = cvss_data.get("score")
+                            cvssv3 = cvss_data.get("cvssv3")
+                            cvssv3_score = cvss_data.get("cvssv3_score")
                             severity = cvss_data.get("severity")
                         elif (cvss_v3_score := cvssclass.get("V3Score")) is not None:
                             cvssv3_score = cvss_v3_score