From cd8a2881d423bcb5d5d0aeea3a2991eb8bb67580 Mon Sep 17 00:00:00 2001
From: Christian Studer <christian.studer@circl.lu>
Date: Mon, 16 Dec 2024 13:13:21 +0100
Subject: [PATCH] add: [vulnerability_lookup] Handling weakness (CWE)
 information while parsing github vulnerabilities

---
 misp_modules/modules/expansion/vulnerability_lookup.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/misp_modules/modules/expansion/vulnerability_lookup.py b/misp_modules/modules/expansion/vulnerability_lookup.py
index 7dcc683e..717f03c3 100644
--- a/misp_modules/modules/expansion/vulnerability_lookup.py
+++ b/misp_modules/modules/expansion/vulnerability_lookup.py
@@ -284,6 +284,11 @@ class VulnerabilityLookupParser(VulnerabilityParser):
             misp_object.add_attribute('cvss-string', cvss['score'])
         for reference in lookup_result['references']:
             misp_object.add_attribute('references', reference['url'])
+        for cwe_id in lookup_result.get('database_specific', {}).get('cwe_ids', []):
+            attribute = self.misp_event.add_attribute(
+                type='weakness', value=cwe_id
+            )
+            misp_object.add_reference(attribute.uuid, 'weakened-by')
         misp_object.add_reference(self.misp_attribute.uuid, 'related-to')
         vulnerability_object = self.misp_event.add_object(misp_object)