fixup! Fix: Inspector reports should link to CVEs (#6557)

scripts/export_inspector_findings.py

@@ -176,10 +176,15 @@ def column_alpha(self, col: int) -> str:
     def findings_sort(self, item: tuple[str, list[SummaryType]]) -> tuple[int, str]:
         score = 0
         weights = {'HIGH': 1, 'CRITICAL': 10}
-        for summary in item[1]:
+        finding_name, summaries = item
+        for summary in summaries:
             count = len(summary['resources'])
             score += count * weights.get(summary['severity'], 0)
-        return score, item[0]
+        if finding_name.startswith('CVE-'):
+            id = finding_name.rsplit('-', 1)[1]
+            normalized_id = '000000'[:6 - len(id)] + id if len(id) < 7 else id
+            finding_name = finding_name.replace(id, normalized_id)
+        return score, finding_name
 
     def write_to_csv(self,
                      findings: dict[str, list[SummaryType]],
@@ -195,8 +200,7 @@ def write_to_csv(self,
         lookup = dict(zip(titles, range(len(titles))))
 
         rows = [titles]
-        findings_vuln_sorted = {vuln: findings[vuln] for vuln in sorted(findings)}
-        for vulnerability, summaries in sorted(findings_vuln_sorted.items(),
+        for vulnerability, summaries in sorted(findings.items(),
                                                key=self.findings_sort,
                                                reverse=True):
             # A mapping of column index to abbreviated severity value