regscale-cli 6.20.10.0__py3-none-any.whl → 6.21.0.0__py3-none-any.whl

regscale/models/integration_models/cisa_kev_data.json

@@ -1,9 +1,52 @@
 {
     "title": "CISA Catalog of Known Exploited Vulnerabilities",
-    "catalogVersion": "2025.07.29",
-    "dateReleased": "2025-07-29T12:46:00.2038Z",
-    "count": 1391,
+    "catalogVersion": "2025.08.05",
+    "dateReleased": "2025-08-05T18:03:16.7522Z",
+    "count": 1394,
     "vulnerabilities": [
+        {
+            "cveID": "CVE-2020-25078",
+            "vendorProject": "D-Link",
+            "product": "DCS-2530L and DCS-2670L Devices",
+            "vulnerabilityName": "D-Link DCS-2530L and DCS-2670L Devices Unspecified Vulnerability",
+            "dateAdded": "2025-08-05",
+            "shortDescription": "D-Link DCS-2530L and DCS-2670L devices contains an unspecified vulnerability that could allow for remote administrator password disclosure. The impacted products could be end-of-life (EoL) and\/or end-of-service (EoS). Users should discontinue product utilization.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-08-26",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/support.dlink.com\/productinfo.aspx?m=DCS-2530L ; https:\/\/supportannouncement.us.dlink.com\/announcement\/publication.aspx?name=SAP10180 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-25078",
+            "cwes": []
+        },
+        {
+            "cveID": "CVE-2020-25079",
+            "vendorProject": "D-Link",
+            "product": "DCS-2530L and DCS-2670L Devices",
+            "vulnerabilityName": "D-Link DCS-2530L and DCS-2670L Command Injection Vulnerability",
+            "dateAdded": "2025-08-05",
+            "shortDescription": "D-Link DCS-2530L and DCS-2670L devices contains a command injection vulnerability in the cgi-bin\/ddns_enc.cgi. The impacted products could be end-of-life (EoL) and\/or end-of-service (EoS). Users should discontinue product utilization.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-08-26",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/support.dlink.com\/productinfo.aspx?m=DCS-2530L ; https:\/\/supportannouncement.us.dlink.com\/announcement\/publication.aspx?name=SAP10180 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-25079",
+            "cwes": [
+                "CWE-77"
+            ]
+        },
+        {
+            "cveID": "CVE-2022-40799",
+            "vendorProject": "D-Link",
+            "product": "DNR-322L",
+            "vulnerabilityName": "D-Link DNR-322L Download of Code Without Integrity Check Vulnerability",
+            "dateAdded": "2025-08-05",
+            "shortDescription": "D-Link DNR-322L contains a download of code without integrity check vulnerability that could allow an authenticated attacker to execute OS level commands on the device. The impacted products could be end-of-life (EoL) and\/or end-of-service (EoS). Users should discontinue product utilization.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-08-26",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/www.dlink.com\/uk\/en\/products\/dnr-322l-cloud-network-video-recorder ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-40799",
+            "cwes": [
+                "CWE-494"
+            ]
+        },
         {
             "cveID": "CVE-2023-2533",
             "vendorProject": "PaperCut",
@@ -148,7 +191,7 @@
             "shortDescription": "Microsoft SharePoint Server on-premises contains a deserialization of untrusted data vulnerability that could allow an unauthorized attacker to execute code over a network. This vulnerability could be chained with CVE-2025-53771. CVE-2025-53770 is a patch bypass for CVE-2025-49704, and the updates for CVE-2025-53770 include more robust protection than those for CVE-2025-49704.",
             "requiredAction": "Disconnect public-facing versions of SharePoint Server that have reached their end-of-life (EOL) or end-of-service (EOS) to include SharePoint Server 2013 and earlier versions. For supported versions, please follow the mitigations according to CISA (URL listed below in Notes) and vendor instructions (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.",
             "dueDate": "2025-07-21",
-            "knownRansomwareCampaignUse": "Unknown",
+            "knownRansomwareCampaignUse": "Known",
             "notes": "CISA Mitigation Instructions: https:\/\/www.cisa.gov\/news-events\/alerts\/2025\/07\/20\/microsoft-releases-guidance-exploitation-sharepoint-vulnerability-cve-2025-53770; https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/07\/22\/disrupting-active-exploitation-of-on-premises-sharepoint-vulnerabilities\/ ; https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2025-53770 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-53770",
             "cwes": [
                 "CWE-502"

regscale/models/integration_models/defenderimport.py

@@ -3,13 +3,14 @@ Integration model to import data from Defender .csv export
 """
 
 import json
-from typing import Optional
+from typing import Iterator, List, Optional
 
 from regscale.core.app.application import Application
 from regscale.core.app.logz import create_logger
-from regscale.core.app.utils.app_utils import get_current_datetime, is_valid_fqdn
+from regscale.core.app.utils.app_utils import is_valid_fqdn
 from regscale.core.utils.date import datetime_obj, datetime_str
-from regscale.models import Asset, ImportValidater, Vulnerability
+from regscale.integrations.scanner_integration import IntegrationAsset, IntegrationFinding
+from regscale.models import Asset, ImportValidater, IssueSeverity, IssueStatus
 from regscale.models.integration_models.flat_file_importer import FlatFileImporter
 
 
@@ -60,7 +61,7 @@ class DefenderImport(FlatFileImporter):
 
         return datetime_str(dt_object, self.dt_format)
 
-    def create_asset(self, dat: Optional[dict] = None) -> Asset:
+    def create_asset(self, dat: Optional[dict] = None) -> IntegrationAsset:
         """
         Create an asset from a row in the Snyk file
 
@@ -72,72 +73,76 @@ class DefenderImport(FlatFileImporter):
         os = Asset.find_os(additional_data.get("imageDetails", {}).get("osDetails", ""))
         name = additional_data.get("repositoryName", "")
         valid_name = is_valid_fqdn(name)
-        return Asset(
-            **{
-                "id": 0,
-                "name": name,
-                "ipAddress": "0.0.0.0",
-                "isPublic": True,
-                "status": "Active (On Network)",
-                "assetCategory": "Software",
-                "bLatestScan": True,
-                "bAuthenticatedScan": True,
-                "scanningTool": self.name,
-                "assetOwnerId": self.config["userId"],
-                "assetType": "Other",
-                "fqdn": name if valid_name else None,
-                "systemAdministratorId": self.config["userId"],
-                "parentId": self.attributes.parent_id,
-                "parentModule": self.attributes.parent_module,
-                "operatingSystem": os,
-            }
+        return IntegrationAsset(
+            identifier=name,
+            name=name,
+            ip_address="0.0.0.0",
+            status="Active (On Network)",
+            asset_category="Software",
+            scanning_tool=self.name,
+            asset_type="Other",
+            fqdn=name if valid_name else None,
+            operating_system=os,
         )
 
-    def create_vuln(self, dat: Optional[dict] = None, **kwargs: dict) -> Optional[Vulnerability]:
+    def create_vuln(self, dat: Optional[dict] = None, **kwargs: dict) -> Iterator[IntegrationFinding]:
         """
         Create a vulnerability from a row in the Snyk csv file
 
         :param Optional[dict] dat: Data row from CSV file, defaults to None
         :param dict **kwargs: Additional keyword arguments
-        :return: RegScale Vulnerability object or None
-        :rtype: Optional[Vulnerability]
+        :return: RegScale Iterator of findings
+        :rtype: Iterator[IntegrationFinding]
         """
-        regscale_vuln = None
-        severity = self.mapping.get_value(dat, "SEVERITY", "").lower()
+        regscale_findings: List[IntegrationFinding] = []
+        severity = self.determine_severity(self.mapping.get_value(dat, "SEVERITY", "").lower())
         additional_data = json.loads(self.mapping.get_value(dat, "ADDITIONALDATA", {}))
         hostname = additional_data.get("repositoryName", "")
         description = self.mapping.get_value(dat, self.vuln_title)
         solution = self.mapping.get_value(dat, self.vuln_id)
-        config = self.attributes.app.config
-        asset_match = [asset for asset in self.data["assets"] if asset.name == hostname]
-        asset = asset_match[0] if asset_match else None
         cves = [cve.get("title", "") for cve in additional_data.get("cve", [])]
         cvss_v3_score = float(additional_data.get("cvssV30Score", 0))
-        if dat and asset_match:
-            regscale_vuln = Vulnerability(
-                id=0,
-                scanId=0,  # set later
-                parentId=asset.id,
-                parentModule="assets",
-                ipAddress="0.0.0.0",  # No ip address available
-                lastSeen=get_current_datetime(),
-                firstSeen=self.determine_first_seen(dat),
-                daysOpen=None,
-                dns=hostname,
-                mitigated=None,
-                operatingSystem=None,
-                severity=severity,
-                plugInName=description,
-                cve=", ".join(cves) if cves else self.mapping.get_value(dat, self.vuln_title),
-                vprScore=None,
-                cvsSv3BaseScore=cvss_v3_score,
-                tenantsId=0,
-                title=f"{description} on asset {asset.name}",
-                description=description,
-                plugInText=self.mapping.get_value(dat, self.vuln_title),
-                createdById=config["userId"],
-                lastUpdatedById=config["userId"],
-                dateCreated=get_current_datetime(),
-                extra_data={"solution": solution},
-            )
-        return regscale_vuln
+        if dat:
+            if cves and isinstance(cves, list):
+                for cve in cves:
+                    regscale_finding = IntegrationFinding(
+                        title=f"{description} on asset {hostname}",
+                        asset_identifier=hostname,
+                        description=description,
+                        severity=severity,
+                        status=IssueStatus.Open.value,
+                        cvss_v3_score=cvss_v3_score,
+                        cvss_v3_base_score=cvss_v3_score,
+                        plugin_name=description,
+                        plugin_text=self.mapping.get_value(dat, self.vuln_title),
+                        cve=cve,
+                        recommendation_for_mitigation=solution,
+                        first_seen=self.determine_first_seen(dat),
+                        last_seen=self.scan_date,
+                        scan_date=self.scan_date,
+                        category="Software",
+                        control_labels=[],
+                    )
+                    regscale_findings.append(regscale_finding)
+            else:
+                regscale_finding = IntegrationFinding(
+                    title=f"{description} on asset {hostname}",
+                    description=description,
+                    severity=severity,
+                    status=IssueStatus.Open.value,
+                    cvss_v3_score=cvss_v3_score,
+                    cvss_v3_base_score=cvss_v3_score,
+                    plugin_name=description,
+                    plugin_text=self.mapping.get_value(dat, self.vuln_title),
+                    asset_identifier=hostname,
+                    cve=self.mapping.get_value(dat, self.vuln_title),
+                    recommendation_for_mitigation=solution,
+                    first_seen=self.determine_first_seen(dat),
+                    last_seen=self.scan_date,
+                    scan_date=self.scan_date,
+                    category="Software",
+                    control_labels=[],
+                )
+                regscale_findings.append(regscale_finding)
+
+        yield from regscale_findings

regscale/models/integration_models/ecr_models/ecr.py

@@ -2,39 +2,45 @@
 ECR Scan information
 """
 
-import json
-from pathlib import Path
-from typing import Any, List, Optional, Sequence, Union
+from typing import List, Optional, Union
 
 from regscale.core.app.application import Application
 from regscale.core.app.logz import create_logger
-from regscale.core.app.utils.app_utils import get_current_datetime, is_valid_fqdn
-from regscale.exceptions import ValidationException
+from regscale.integrations.scanner_integration import IntegrationAsset, IntegrationFinding
 from regscale.models import ImportValidater
 from regscale.models.integration_models.flat_file_importer import FlatFileImporter
+from regscale.models.regscale_models import AssetStatus, IssueSeverity, IssueStatus
 from regscale.models.regscale_models.asset import Asset
-from regscale.models.regscale_models.vulnerability import Vulnerability
 
 
 class ECR(FlatFileImporter):
     """ECR Scan information"""
 
     def __init__(self, **kwargs):
-        self.name = kwargs.get("name")
-        self.vuln_title = "name"
-        self.fmt = "%m/%d/%y"
-        self.dt_format = "%Y-%m-%d %H:%M:%S"
-        self.image_name = "Name"
-        self.raw_dict = {}
-        self.required_headers = [
-            self.image_name,
-        ]
-        self.mapping_file = kwargs.get("mappings_path")
-        self.disable_mapping = kwargs.get("disable_mapping")
-        self.file_type = kwargs.get("file_type")
-        keys = ["imageScanFindings", "findings"] if self.file_type == ".json" else None
+        # Group related attributes to reduce instance attribute count
+        self.scanner_config = {
+            "name": kwargs.get("name"),
+            "vuln_title": "name",
+            "fmt": "%m/%d/%y",
+            "dt_format": "%Y-%m-%d %H:%M:%S",
+            "image_name": "Name",
+        }
+        self.mapping_config = {
+            "mapping_file": kwargs.get("mappings_path"),
+            "disable_mapping": kwargs.get("disable_mapping"),
+        }
+        self.file_config = {
+            "file_type": kwargs.get("file_type"),
+            "raw_dict": {},
+        }
+        self.required_headers = [self.scanner_config["image_name"]]
+        keys = ["imageScanFindings", "findings"] if self.file_config["file_type"] == ".json" else None
         self.validater = ImportValidater(
-            self.required_headers, kwargs.get("file_path"), self.mapping_file, self.disable_mapping, keys=keys
+            self.required_headers,
+            kwargs.get("file_path"),
+            self.mapping_config["mapping_file"],
+            self.mapping_config["disable_mapping"],
+            keys=keys,
         )
         self.headers = self.validater.parsed_headers
         self.mapping = self.validater.mapping
@@ -48,92 +54,55 @@ class ECR(FlatFileImporter):
             **kwargs,
         )
 
-    def file_to_list_of_dicts(
-        self,
-    ) -> tuple[Optional[Sequence[str]], Union[dict, list[Any]]]:
+    def create_asset(self, dat: Optional[dict] = None) -> IntegrationAsset:
         """
-        Override the base method: Converts a json or csv file to a list of dictionaries
-
-        :raises ValidationException: If the headers in the csv/xlsx file do not match the expected headers
-        :return: Tuple of header and data from csv file
-        :rtype: tuple[Optional[Sequence[str]], Union[dict, list[Any]]]
-        """
-        header: Optional[Sequence[str]] = []
-        data: dict = {}
-        with open(self.attributes.file_path, encoding="utf-8") as file:
-            if file.name.endswith(".csv"):
-                data, header = self.convert_csv_to_dict(file)
-            elif file.name.endswith(".json"):
-                try:
-                    # Filter possible null values
-                    self.raw_dict = json.load(file)
-                    if not isinstance(self.raw_dict, dict):
-                        raise ValidationException(
-                            f"Invalid JSON file. Must be a dictionary, it is {type(self.raw_dict)}"
-                        )
-                    data = self.raw_dict.get("imageScanFindings", {}).get("findings", [])
-                except json.JSONDecodeError:
-                    raise ValidationException("Invalid JSON file. Encountered a JSONDecodeError.")
-            else:
-                raise ValidationException(
-                    f"Unsupported file type. Must be a .csv or .json file.\nProvided: {self.file_type}"
-                )
-        return header, data
-
-    def create_asset(self, dat: Optional[dict] = None) -> Asset:
-        """
-        Create an asset from a row in the ECR file
+        Create an integration asset from a row in the ECR file
 
         :param Optional[dict] dat: Data row from file, defaults to None
-        :return: RegScale Asset object
-        :rtype: Asset
+        :return: RegScale IntegrationAsset object
+        :rtype: IntegrationAsset
         """
         name = self.mapping.get_value(dat, "Name") or self.mapping.get_value(dat, "name")
-        if repository_name := self.mapping.get_value(dat, "repositoryName", self.raw_dict.get("repositoryName", "")):
-            if (image_id_data := self.raw_dict.get("imageId", {}).get("imageDigest", "").split(":")) and len(
-                image_id_data
-            ) > 1:
+        if repository_name := self.mapping.get_value(
+            dat, "repositoryName", self.file_config["raw_dict"].get("repositoryName", "")
+        ):
+            image_id_data = self.file_config["raw_dict"].get("imageId", {}).get("imageDigest", "").split(":")
+            if image_id_data and len(image_id_data) > 1:
                 image_id = image_id_data[1]
             else:
                 image_id = image_id_data[0]
             name = f"{repository_name}:{image_id}"
 
         # Check if string has a forward slash
-        return Asset(
-            **{
-                "id": 0,
-                "name": name,
-                "description": "Container Image" if name and "/" in name else "",
-                "operatingSystem": "Linux",
-                "operatingSystemVersion": "",
-                "ipAddress": "0.0.0.0",
-                "isPublic": True,
-                "status": "Active (On Network)",
-                "assetCategory": "Software",
-                "bLatestScan": True,
-                "bAuthenticatedScan": True,
-                "scanningTool": self.name,
-                "assetOwnerId": self.config["userId"],
-                "assetType": "Other",
-                "fqdn": name if is_valid_fqdn(name) else None,
-                "systemAdministratorId": self.config["userId"],
-                "parentId": self.attributes.parent_id,
-                "parentModule": self.attributes.parent_module,
-            }
+        return IntegrationAsset(
+            identifier=name,
+            name=name,
+            ip_address="0.0.0.0",
+            cpu=0,
+            ram=0,
+            scanning_tool=self.scanner_config["name"],
+            status=AssetStatus.Active.value,
+            asset_type="Other",
+            asset_category="Software",
+            operating_system="Linux",
         )
 
-    def create_vuln(self, dat: Optional[dict] = None, **kwargs) -> Union[Vulnerability, List[Vulnerability], None]:
+    def create_vuln(
+        self, dat: Optional[dict] = None, **_kwargs
+    ) -> Union[IntegrationFinding, List[IntegrationFinding], None]:
         """
-        Create a vulnerability from a row in the ECR csv file
+        Create a finding from a row in the ECR csv file
 
         :param Optional[dict] dat: Data row from file, defaults to None
-        :return: RegScale Vulnerability object, a list of RegScale Vulnerability objects or None
-        :rtype: Union[Vulnerability, List[Vulnerability], None]
+        :return: RegScale IntegrationFinding object, a list of RegScale IntegrationFinding objects or None
+        :rtype: Union[IntegrationFinding, List[IntegrationFinding], None]
         """
-        vulns: List[Vulnerability] = []
+        vulns: List[IntegrationFinding] = []
         hostname = dat.get("Name") or dat.get("name")
-        if repository_name := self.mapping.get_value(dat, "repositoryName", self.raw_dict.get("repositoryName", "")):
-            image_id_data = self.raw_dict.get("imageId", {}).get("imageDigest", "").split(":")
+        if repository_name := self.mapping.get_value(
+            dat, "repositoryName", self.file_config["raw_dict"].get("repositoryName", "")
+        ):
+            image_id_data = self.file_config["raw_dict"].get("imageId", {}).get("imageDigest", "").split(":")
             if len(image_id_data) > 1:
                 image_id = image_id_data[1]
             else:
@@ -147,89 +116,73 @@ class ECR(FlatFileImporter):
                 return single_vuln
         return vulns
 
-    def get_asset(self, hostname: str) -> Optional[Asset]:
-        """
-        Get the asset by hostname
-
-        :param str hostname: The hostname
-        :return: The asset if found, otherwise None
-        :rtype: Optional[Asset]
-        """
-        asset_match = [asset for asset in self.data["assets"] if asset.name == hostname]
-        return asset_match[0] if asset_match else None
-
-    def create_vulnerability_object(
-        self, asset: Asset, hostname: str, cve: str, severity: str, description: str
-    ) -> Vulnerability:
+    def create_finding(self, finding_data: dict) -> IntegrationFinding:
         """
-        Create a vulnerability from a row in the ECR file
+        Create an IntegrationFinding from finding data
 
-        :param Asset asset: The asset
-        :param str hostname: The hostname
-        :param str cve: The CVE
-        :param str severity: The severity
-        :param str description: The description
-        :return: The vulnerability
-        :rtype: Vulnerability
+        :param dict finding_data: Dictionary containing finding data
+        :return: The IntegrationFinding
+        :rtype: IntegrationFinding
         """
-        config = self.attributes.app.config
-
-        return Vulnerability(
-            id=0,
-            scanId=0,
-            parentId=asset.id,
-            parentModule="assets",
-            ipAddress="0.0.0.0",
-            firstSeen=get_current_datetime(),  # No timestamp on ECR
-            lastSeen=get_current_datetime(),  # No timestamp on ECR
-            daysOpen=None,
-            dns=hostname,
-            mitigated=None,
-            operatingSystem=asset.operatingSystem,
-            severity=severity,
-            plugInName=cve,
-            cve=cve,
-            tenantsId=0,
-            title=f"{cve} on asset {asset.name}",
-            description=cve,
-            plugInText=description,
-            createdById=config["userId"],
-            lastUpdatedById=config["userId"],
-            dateCreated=get_current_datetime(),
+        title = f"{finding_data['cve']} on asset {finding_data['hostname']}"
+        return IntegrationFinding(
+            title=title,
+            dns=finding_data["hostname"],
+            description=finding_data["cve"],
+            severity=self.determine_severity(finding_data["severity"]),
+            status=IssueStatus.Open.value,
+            plugin_name=finding_data["cve"],
+            plugin_id=finding_data["cve"],
+            plugin_text=finding_data["description"],
+            asset_identifier=finding_data["hostname"],
+            cve=finding_data["cve"],
+            first_seen=self.scan_date,
+            last_seen=self.scan_date,
+            scan_date=self.scan_date,
+            category="Software",
+            control_labels=[],
         )
 
-    def process_csv_vulns(self, dat: dict, hostname: str) -> Optional[Vulnerability]:
+    def process_csv_vulns(self, dat: dict, hostname: str) -> Optional[IntegrationFinding]:
         """
         Process the CSV findings from the ECR scan
 
         :param dict dat: The data from the ECR scan
         :param str hostname: The hostname
         :return: The vulnerability or None
-        :rtype: Optional[Vulnerability]
+        :rtype: Optional[IntegrationFinding]
 
         """
         cve = dat.get("CVE", "")
         severity = self.determine_severity(dat.get("Severity", "Info"))
-        if asset := self.get_asset(hostname):
-            return self.create_vulnerability_object(asset, hostname, cve, severity, dat.get("uri", ""))
-        return None
-
-    def process_json_vulns(self, dat: dict, hostname: str) -> List[Vulnerability]:
+        finding_data = {
+            "hostname": hostname,
+            "cve": cve,
+            "severity": severity,
+            "description": dat.get("uri", ""),
+        }
+        return self.create_finding(finding_data)
+
+    def process_json_vulns(self, dat: dict, hostname: str) -> List[IntegrationFinding]:
         """
         Process the JSON findings from the ECR scan
 
         :param dict dat: The data from the ECR scan
         :param str hostname: The hostname
         :return: The list of vulnerabilities
-        :rtype: List[Vulnerability]
+        :rtype: List[IntegrationFinding]
         """
-        vulns: List[Vulnerability] = []
+        vulns: List[IntegrationFinding] = []
         if findings := dat.get("imageScanFindings", {}).get("findings"):
             for finding in findings:
                 cve = finding.get("name")
                 severity = self.determine_severity(finding["severity"])
-                asset = self.get_asset(hostname)
-                if asset:
-                    vuln = self.create_vulnerability_object(asset, hostname, cve, severity, finding.get("uri", ""))
-                    vulns.append(vuln)
+                finding_data = {
+                    "hostname": hostname,
+                    "cve": cve,
+                    "severity": severity,
+                    "description": finding.get("uri", ""),
+                }
+                vuln = self.create_finding(finding_data)
+                vulns.append(vuln)
         return vulns