From ee60902b99b4d6833e8b291dbc2f773ae61995f2 Mon Sep 17 00:00:00 2001 From: Tushar Goel <34160672+TG1999@users.noreply.github.com> Date: Mon, 18 Sep 2023 23:10:30 +0530 Subject: [PATCH] Fix issue #1302 (#1303) Signed-off-by: Tushar Goel --- CHANGELOG.rst | 1 + vulnerabilities/tests/test_utils.py | 6 ++++ vulnerabilities/utils.py | 43 +++++++++++++++++------------ 3 files changed, 33 insertions(+), 17 deletions(-) diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 42acbbc67..077de77e5 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -8,6 +8,7 @@ Next Release - We fixed a text-overflow issue in the Essentials tab of the Vulnerability details template. - We added clickable links to the Essentials tab of the Vulnerability details template that enable the user to navigate to the Fixed by packages tab and the Affected packages tab. +- We fixed severity range issue for handling unknown scores. Version v33.4.0 diff --git a/vulnerabilities/tests/test_utils.py b/vulnerabilities/tests/test_utils.py index ac21afc9a..a377d4745 100644 --- a/vulnerabilities/tests/test_utils.py +++ b/vulnerabilities/tests/test_utils.py @@ -15,6 +15,7 @@ from vulnerabilities.package_managers import PackageVersion from vulnerabilities.utils import AffectedPackage from vulnerabilities.utils import get_item +from vulnerabilities.utils import get_severity_range from vulnerabilities.utils import nearest_patched_package from vulnerabilities.utils import resolve_version_range from vulnerabilities.utils import split_markdown_front_matter @@ -145,3 +146,8 @@ def test_resolve_version_range_without_ignorable_versions(): "10.0.0", ], ) + + +def test_get_severity_range(): + assert get_severity_range({""}) is None + assert get_severity_range({}) is None diff --git a/vulnerabilities/utils.py b/vulnerabilities/utils.py index 244ee9fa2..4d6b03b46 100644 --- a/vulnerabilities/utils.py +++ b/vulnerabilities/utils.py 
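Review bot: `test_get_severity_range` in vulnerabilities/tests/test_utils.py pins only the two `None` results, so the behaviour this patch is about (an unrecognised label mixed with usable scores, and the new "important" mapping) is exercised only by the doctests in utils.py, if those are run at all. Adding `assert get_severity_range({"9.5", "critical", "unknown"}) == "9.0 - 10.0"` and `assert get_severity_range({"important"}) == "7.0 - 8.9"` would cover both. Also, `{}` is an empty dict rather than an empty set; `set()` would state the intent more clearly.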
@@ -512,20 +512,29 @@ def get_severity_range(severity_list):
 '0.1 - 6.9'
 >>> get_severity_range({'9.5','critical'})
 '9.0 - 10.0'
- """
- if len(severity_list) > 1:
- score_map = {
- "low": [0.1, 3],
- "moderate": [4.0, 6.9],
- "medium": [4.0, 6.9],
- "high": [7.0, 8.9],
- "critical": [9.0, 10.0],
- }
-
- score_list = []
- for score in severity_list:
- try:
- score_list.append(float(score))
- except ValueError:
- score_list.extend(score_map[score.lower()])
- return f"{min(score_list)} - {max(score_list)}"
+ >>> get_severity_range({'9.5','critical','unknown'})
+ '9.0 - 10.0'
+ >>> get_severity_range({})
+ """
+ if len(severity_list) < 1:
+ return
+ score_map = {
+ "low": [0.1, 3],
+ "moderate": [4.0, 6.9],
+ "medium": [4.0, 6.9],
+ "high": [7.0, 8.9],
+ "important": [7.0, 8.9],
+ "critical": [9.0, 10.0],
+ }
+
+ score_list = []
+ for score in severity_list:
+ try:
+ score_list.append(float(score))
+ except ValueError:
+ score_range = score_map.get(score.lower()) or []
+ if score_range:
+ score_list.extend(score_range)
+ if not score_list:
+ return
+ return f"{min(score_list)} - {max(score_list)}"
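Review bot: The numeric branch of the loop still trusts whatever `float(score)` accepts: strings such as 'nan', 'inf' or '-3' parse without a ValueError and go straight into `min()`/`max()`, so a malformed score in advisory data could surface as a range like 'nan - nan' or one outside the 0.1–10.0 bounds that `score_map` uses. A non-string element (for example `None`) is not covered either, because `float(None)` raises TypeError rather than ValueError. I would catch both exceptions, normalise the label before the lookup, and keep only numeric values inside the expected scale, as sketched below; whether out-of-range values should be dropped or logged is a call for the maintainers. The function's signature and the start of its docstring lie outside this hunk.

```python
    # … unchanged: empty-input guard and score_map …
    score_list = []
    for score in severity_list:
        try:
            value = float(score)
        except (TypeError, ValueError):
            # Not a number: treat it as a label; unrecognised labels add nothing.
            score_list.extend(score_map.get(str(score).strip().lower(), []))
            continue
        # nan fails both comparisons and inf the upper one, so neither reaches min()/max().
        if 0.0 <= value <= 10.0:
            score_list.append(value)
    # … unchanged: empty score_list guard and final return …
```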