Add package to parse severity info for parsers

[manuel-sommer]

Some parsers (e.g. govulnchecker) do not have a severity field in the output. Thus, all findings have severity "info" eventhough a CVE is linked.
Could we add a package to retrieve the severity information based on the CVE. A way could be https://github.com/xaitax/SploitScan
If this will be approved, I would submit a PR.

[manuel-sommer]

What is your opinion @valentijnscholten ?

[manuel-sommer]

We could also use this to provide EPSS information.

[valentijnscholten]

Pro has enrichment features like these.

[manuel-sommer]

So is a PR accepted to update the severity field?

[manuel-sommer]

I understand that this is a close line between opensource and pro, but even in open source I would expect the severity of a finding to be right. For additional information, like exploits, EPSS score etc. the person can use Pro or google to evaluate the finding based on the severity.