updates gosec parser - fixes protection on cwe_id conversion

maxi-bee · web-flow · commit fc2634f1d1a5 · 2026-03-23T22:05:20.000+01:00
- Added a protection on the cwe_id assignment via the integer convertion from string
diff --git a/dojo/tools/gosec/parser.py b/dojo/tools/gosec/parser.py
@@ -47,7 +47,7 @@ def get_findings(self, filename, test):
             if cwe_data:
                 cwe_id_str = cwe_data.get("id")
                 if cwe_id_str:
-                    cwe_id = int(cwe_id_str)
+                    cwe_id = int(cwe_id_str) if cwe_id_str.isdigit() else None
                 cwe_url = cwe_data.get("url")
                 if cwe_url:
                     references = cwe_url
