intel · terriko · Aug 23, 2023 · Aug 23, 2023
diff --git a/cve_bin_tool/output_engine/__init__.py b/cve_bin_tool/output_engine/__init__.py
@@ -479,25 +479,25 @@ def output_pdf(
                 "CVE Number",
                 "CVSS_version",
                 "CVSS_score",
-                "EPSS_propability",
+                "EPSS_probability",
                 "EPSS_percentile",
             ]
             # group cve_data by its remarks and separately by paths
             for product_info, cve_data in all_cve_data.items():
                 for cve in cve_data["cves"]:
-                    propability = "-"
+                    probability = "-"
                     percentile = "-"
                     for metric, field in cve.metric.items():
                         if metric == "EPSS":
-                            propability = round(field[0] * 100, 4)
+                            probability = round(field[0] * 100, 4)
                             percentile = field[1]
 
                     cve_by_metrics[cve.remarks].append(
                         {
                             "cve_number": cve.cve_number,
                             "cvss_version": str(cve.cvss_version),
                             "cvss_score": str(cve.score),
-                            "epss_propability": str(propability),
+                            "epss_probability": str(probability),
                             "epss_percentile": str(percentile),
                             "severity": cve.severity,
                         }
@@ -515,7 +515,7 @@ def output_pdf(
                         cve["cve_number"],
                         cve["cvss_version"],
                         str(cve["cvss_score"]),
-                        str(cve["epss_propability"]),
+                        str(cve["epss_probability"]),
                         str(cve["epss_percentile"]),
                     ]
                     pdfdoc.addrow(

diff --git a/cve_bin_tool/output_engine/console.py b/cve_bin_tool/output_engine/console.py
@@ -104,11 +104,11 @@ def _output_console_nowrap(
     # group cve_data by its remarks and separately by paths
     for product_info, cve_data in all_cve_data.items():
         for cve in cve_data["cves"]:
-            propability = "-"
+            probability = "-"
             percentile = "-"
             for metric, field in cve.metric.items():
                 if metric == "EPSS":
-                    propability = str(round(field[0] * 100, 4))
+                    probability = str(round(field[0] * 100, 4))
                     percentile = str(field[1])
             cve_by_remarks[cve.remarks].append(
                 {
@@ -120,7 +120,7 @@ def _output_console_nowrap(
                     "severity": cve.severity,
                     "score": cve.score,
                     "cvss_version": cve.cvss_version,
-                    "epss_propability": propability,
+                    "epss_probability": probability,
                     "epss_percentile": percentile,
                 }
             )
@@ -157,7 +157,7 @@ def _output_console_nowrap(
         table.add_column("Source")
         table.add_column("Severity")
         table.add_column("Score (CVSS Version)")
-        table.add_column("EPSS propability")
+        table.add_column("EPSS probability")
         table.add_column("EPSS percentile")
         if affected_versions != 0:
             table.add_column("Affected Versions")
@@ -178,7 +178,7 @@ def _output_console_nowrap(
                 Text.styled(cve_data["source"], color),
                 Text.styled(cve_data["severity"], color),
                 Text.styled(cvss_text, color),
-                Text.styled(cve_data["epss_propability"], color),
+                Text.styled(cve_data["epss_probability"], color),
                 Text.styled(cve_data["epss_percentile"], color),
             ]
             if affected_versions != 0:
@@ -278,26 +278,26 @@ def validate_cell_length(cell_name, cell_type):
     table.add_column("CVE")
     table.add_column("CVSS_version")
     table.add_column("CVSS_score")
-    table.add_column("EPSS_propability")
+    table.add_column("EPSS_probability")
     table.add_column("EPSS_percentile")
     color = "green"
 
     cve_by_metrics: defaultdict[Remarks, list[dict[str, str]]] = defaultdict(list)
     # group cve_data by its remarks and separately by paths
     for product_info, cve_data in all_cve_data.items():
         for cve in cve_data["cves"]:
-            propability = "-"
+            probability = "-"
             percentile = "-"
             for metric, field in cve.metric.items():
                 if metric == "EPSS":
-                    propability = round(field[0] * 100, 4)
+                    probability = round(field[0] * 100, 4)
                     percentile = field[1]
             cve_by_metrics[cve.remarks].append(
                 {
                     "cve_number": cve.cve_number,
                     "cvss_version": str(cve.cvss_version),
                     "cvss_score": str(cve.score),
-                    "epss_propability": str(propability),
+                    "epss_probability": str(probability),
                     "epss_percentile": str(percentile),
                     "severity": cve.severity,
                 }
@@ -311,7 +311,7 @@ def validate_cell_length(cell_name, cell_type):
                 Text.styled(cve["cve_number"], color),
                 Text.styled(cve["cvss_version"], color),
                 Text.styled(str(cve["cvss_score"]), color),
-                Text.styled(cve["epss_propability"], color),
+                Text.styled(cve["epss_probability"], color),
                 Text.styled(cve["epss_percentile"], color),
             ]
             table.add_row(*cells)

diff --git a/cve_bin_tool/output_engine/html.py b/cve_bin_tool/output_engine/html.py
@@ -214,20 +214,20 @@ def output_html(
     cve_by_metrics: defaultdict[Remarks, list[dict[str, str]]] = defaultdict(list)
     for product_info, cve_data in all_cve_data.items():
         for cve in cve_data["cves"]:
-            propability = "-"
+            probability = "-"
             percentile = "-"
 
             for metric, field in cve.metric.items():
                 if metric == "EPSS":
-                    propability = round(field[0] * 100, 4)
+                    probability = round(field[0] * 100, 4)
                     percentile = field[1]
 
         cve_by_metrics[cve.remarks].append(
             {
                 "cve_number": cve.cve_number,
                 "cvss_version": str(cve.cvss_version),
                 "cvss_score": str(cve.score),
-                "epss_propability": str(propability),
+                "epss_probability": str(probability),
                 "epss_percentile": str(percentile),
                 "severity": cve.severity,
             }
@@ -249,7 +249,7 @@ def output_html(
                     <th scope="row">{cve["cve_number"]}</th>
                     <td>{cve["cvss_version"]}</td>
                     <td>{cve["cvss_score"]}</td>
-                    <td>{cve["epss_propability"]}</td>
+                    <td>{cve["epss_probability"]}</td>
                     <td>{cve["epss_percentile"]}</td>
                 </tr>
             """

diff --git a/cve_bin_tool/output_engine/html_reports/templates/dashboard.html b/cve_bin_tool/output_engine/html_reports/templates/dashboard.html
@@ -142,7 +142,7 @@ <h6>CVE metric</h6>
                     <th scope="col">CVE number</th>
                     <th scope="col">CVSS version</th>
                     <th scope="col">CVSS score</th>
-                    <th scope="col">EPSS propability</th>
+                    <th scope="col">EPSS probability</th>
                     <th scope="col">EPSS percentile</th>
                 </tr>
             </thead>

diff --git a/cve_bin_tool/output_engine/util.py b/cve_bin_tool/output_engine/util.py
@@ -143,11 +143,11 @@ def format_output(
             if isinstance(cve, str):
                 continue
             # If EPSS values are not available for a given CVE, assign them a value of "-"
-            propability = "-"
+            probability = "-"
             percentile = "-"
             for metric, field in cve.metric.items():
                 if metric == "EPSS":
-                    propability = round(field[0] * 100, 4)
+                    probability = round(field[0] * 100, 4)
                     percentile = field[1]
             details = {
                 "vendor": product_info.vendor,
@@ -160,7 +160,7 @@ def format_output(
                 "cvss_version": str(cve.cvss_version),
                 "cvss_vector": cve.cvss_vector,
                 # converting epss score (probability) 0-1 to 0-100
-                "epss_probability": str(propability),
+                "epss_probability": str(probability),
                 "epss_percentile": str(percentile),
                 "paths": ", ".join(cve_data["paths"]),
                 "remarks": cve.remarks.name,

diff --git a/test/test_output_engine.py b/test/test_output_engine.py
@@ -678,7 +678,7 @@ class TestOutputEngine(unittest.TestCase):
         "CVE Number"
         "CVSS_version"
         "CVSS_score"
-        "EPSS_propability"
+        "EPSS_probability"
         "EPSS_percentile"
         "CVE-1234-1234"
         "2"