diff --git a/component_catalog/views.py b/component_catalog/views.py
index 05bca00..2643ce2 100644
--- a/component_catalog/views.py
+++ b/component_catalog/views.py
@@ -251,7 +251,7 @@ class TabVulnerabilityMixin:
 template = "component_catalog/tabs/tab_vulnerabilities.html"
 def tab_vulnerabilities(self):
- vulnerabilities_qs = self.object.affected_by_vulnerabilities.all()
+ vulnerabilities_qs = self.object.affected_by_vulnerabilities.order_by_risk()
 if not vulnerabilities_qs:
 return
diff --git a/product_portfolio/views.py b/product_portfolio/views.py
index b7badc1..40dd71a 100644
--- a/product_portfolio/views.py
+++ b/product_portfolio/views.py
@@ -25,7 +25,6 @@
 from django.core.paginator import Paginator
 from django.db import transaction
 from django.db.models import Count
-from django.db.models import F
 from django.db.models import Prefetch
 from django.db.models.functions import Lower
 from django.forms import modelformset_factory
@@ -1111,10 +1110,7 @@ def get_context_data(self, **kwargs):
 package_qs = Package.objects.filter(product=product).only_rendering_fields()
 vulnerability_qs = base_vulnerability_qs.prefetch_related(
 Prefetch("affected_packages", package_qs)
- ).order_by(
- F("max_score").desc(nulls_last=True),
- "-min_score",
- )
+ ).order_by_risk()
 self.filterset = self.filterset_class(
 self.request.GET,
diff --git a/vulnerabilities/models.py b/vulnerabilities/models.py
index 7f843a8..05e3d2d 100644
--- a/vulnerabilities/models.py
+++ b/vulnerabilities/models.py
@@ -40,6 +40,13 @@ def with_affected_packages_count(self):
 affected_packages_count=Count("affected_packages", distinct=True),
 )
+ def order_by_risk(self):
+ return self.order_by(
+ models.F("risk_score").desc(nulls_last=True),
+ models.F("weighted_severity").desc(nulls_last=True),
+ models.F("exploitability").desc(nulls_last=True),
+ )
+
 class Vulnerability(HistoryDateFieldsMixin, DataspacedModel):
 """
diff --git a/vulnerabilities/views.py b/vulnerabilities/views.py
index d2959c0..9b1b28c 100644
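Review bot: `order_by_risk()` in vulnerabilities/models.py ends without a unique sort key, so vulnerabilities that tie on `risk_score`, `weighted_severity` and `exploitability` (including all rows where the three are NULL) are returned in whatever order the database picks for that query. The callers changed in component_catalog/views.py, product_portfolio/views.py and vulnerabilities/views.py all render lists from it, and product_portfolio/views.py imports `Paginator`, so if any of them is paginated an entry can be repeated or skipped between pages; a last term such as `"pk",` after the `exploitability` line would make the order deterministic. I would also add a one-line docstring, for example `"""Order by risk_score, then weighted_severity, then exploitability, highest first; NULL values sort last."""`, so readers know that unscored vulnerabilities land at the bottom of the list rather than being treated as low risk. The queryset class that holds this method starts outside the hunk.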
--- a/vulnerabilities/views.py
+++ b/vulnerabilities/views.py
@@ -7,7 +7,6 @@
 #
 from django.contrib.auth.mixins import LoginRequiredMixin
-from django.db.models import F
 from django.http import Http404
 from django.utils.translation import gettext_lazy as _
@@ -47,18 +46,16 @@ def get_queryset(self):
 "aliases",
 "summary",
 "fixed_packages_count",
- "max_score",
- "min_score",
+ "exploitability",
+ "weighted_severity",
+ "risk_score",
 "created_date",
 "last_modified_date",
 "dataspace",
 )
 .with_affected_products_count()
 .with_affected_packages_count()
- .order_by(
- F("max_score").desc(nulls_last=True),
- "-min_score",
- )
+ .order_by_risk()
 )
 def get_context_data(self, **kwargs):
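Review bot: The field list in `get_queryset` no longer loads `max_score` and `min_score`, and the call that takes this list opens above the hunk, so I cannot confirm it from here, but if it is `.only(...)` then any template column, table header or filter that still reads those two fields will not raise an error. Django would instead fetch the deferred field with one extra query per row, which is easy to miss in review and slows the vulnerability list down. None of the templates or filtersets are part of this diff, so it is worth checking them for remaining `max_score`/`min_score` references in the same commit. A short comment above the list, such as `# Keep in sync with the columns rendered by the list template.`, would help the next change to these fields.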