CSV export shows incorrect severity (Critical vulnerabilities exported as High) #547
Description
Description:
When exporting vulnerabilities to CSV from the NeuVector UI, vulnerabilities marked as Critical in the UI are written as High severity in the downloaded CSV file.
This creates an inconsistency between what is displayed in the UI and what is exported, which impacts reporting accuracy and any automation that relies on CSV data.
Steps to Reproduce:
Open NeuVector UI
Navigate to Security Risks → Vulnerabilities
Identify a vulnerability marked as Critical in the UI
Click Download CSV
Open the CSV file
Expected Behavior:
The CSV export should preserve the same severity shown in the UI.
Example:
UI Severity: Critical
CSV Severity: Critical
Actual Behavior:
Severity appears downgraded in CSV export.
Example:
UI Severity: Critical
CSV Severity: High
Evidence:
The UI clearly shows vulnerabilities with Critical severity.
The exported CSV shows the same CVEs but with severity High.
Environment:
NeuVector Version: 5.4.9
Deployment Method: Helm (neuvector/neuvector-helm)
Platform: Minikube
Attached files:
Screenshot of UI showing Critical severity
Screenshot of CSV showing High severity
CSV report demonstrating the issue
Vulnerabilities_View_20260221172148.csv
