From 97ed4c7838ff78e4d2954aadf9185b84d4c0d029 Mon Sep 17 00:00:00 2001
From: pemontto <pemontto@gmail.com>
Date: Wed, 24 Apr 2019 09:31:21 +1000
Subject: [PATCH] Update cvss extraction regex

---
 vulnwhisp/frameworks/qualys_vuln.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/vulnwhisp/frameworks/qualys_vuln.py b/vulnwhisp/frameworks/qualys_vuln.py
index 19ca865..bffd4de 100644
--- a/vulnwhisp/frameworks/qualys_vuln.py
+++ b/vulnwhisp/frameworks/qualys_vuln.py
@@ -165,9 +165,9 @@ class qualysVulnScan:
         # Contruct the CVSS vector
         self.logger.info('Extracting CVSS components')
         df['cvss_vector'] = df['cvss_base'].str.extract('\((.*)\)', expand=False)
-        df['cvss_base'] = df['cvss_base'].str.extract('^([^ ]+)', expand=False)
+        df['cvss_base'] = df['cvss_base'].str.extract('^(\d+(?:\.\d+)?)', expand=False)
         df['cvss_temporal_vector'] = df['cvss_temporal'].str.extract('\((.*)\)', expand=False)
-        df['cvss_temporal'] = df['cvss_temporal'].str.extract('^([^ ]+)', expand=False)
+        df['cvss_temporal'] = df['cvss_temporal'].str.extract('^(\d+(?:\.\d+)?)', expand=False)
 
 
         # Convert Qualys severity to standardised risk number