[Contextual Security] Vulnerability Flyout Updates (#233919)

## Summary

This PR does the following 
- Updated Description section of Vulnerability Flyout, it now has the
option show more and show less when there are more than 3 line of
description
- Updated Cards on the Header, it now has 4 cards with one of them being
CVE. CVE in the title is now moved into this card. In case there are no
CVE, it will render "-" in the card


https://github.com/user-attachments/assets/6b9cf6f4-5fba-4076-9745-e5f9ba8ca400

Author: animehart

x-pack/solutions/security/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_description_section.tsx

@@ -0,0 +1,127 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import React, { useEffect, useRef, useState } from 'react';
+import { EuiButtonEmpty, useEuiTheme } from '@elastic/eui';
+import { FormattedMessage } from '@kbn/i18n-react';
+import { CspFlyoutMarkdown } from '../../configurations/findings_flyout/findings_flyout';
+
+const EMPTY_VALUE = 'No description available';
+const MAX_LINES = 3;
+
+interface ClampedMarkdownProps {
+  description?: string;
+}
+
+export const VulnerabilityDescriptionSection: React.FC<ClampedMarkdownProps> = ({
+  description,
+}) => {
+  const { euiTheme } = useEuiTheme();
+  const [isExpanded, setIsExpanded] = useState(false);
+  const [isOverflowing, setIsOverflowing] = useState(false);
+  const contentRef = useRef<HTMLDivElement>(null);
+  const containerRef = useRef<HTMLDivElement>(null);
+
+  const content = description || EMPTY_VALUE;
+
+  const checkOverflow = () => {
+    const el = contentRef.current;
+    if (el) {
+      const style = getComputedStyle(el);
+      const lineHeightRaw = style.lineHeight;
+      const lineHeight = lineHeightRaw === 'normal' ? 16 : parseFloat(lineHeightRaw);
+      const maxHeight = lineHeight * MAX_LINES;
+      setIsOverflowing(el.scrollHeight > maxHeight + 1);
+    }
+  };
+
+  useEffect(() => {
+    // Wait for layout to stabilize before measuring
+    requestAnimationFrame(checkOverflow);
+  }, [content, isExpanded]);
+
+  useEffect(() => {
+    if (!containerRef.current) return;
+
+    const resizeObserver = new ResizeObserver(() => {
+      if (!isExpanded) {
+        checkOverflow();
+      }
+    });
+
+    resizeObserver.observe(containerRef.current);
+
+    return () => resizeObserver.disconnect();
+  }, [isExpanded]);
+
+  const clampedStyle: React.CSSProperties = {
+    display: '-webkit-box',
+    WebkitLineClamp: MAX_LINES,
+    WebkitBoxOrient: 'vertical',
+    overflow: 'hidden',
+    transition: 'all 0.3s ease',
+  };
+
+  const expandedStyle: React.CSSProperties = {
+    display: 'block',
+    transition: 'all 0.3s ease',
+  };
+
+  return (
+    <div ref={containerRef} style={{ position: 'relative' }}>
+      <div ref={contentRef} style={isExpanded ? expandedStyle : clampedStyle}>
+        <CspFlyoutMarkdown>{content}</CspFlyoutMarkdown>
+        {isExpanded && isOverflowing && (
+          <EuiButtonEmpty
+            color="primary"
+            flush="left"
+            onClick={() => setIsExpanded(false)}
+            style={{
+              display: 'inline-block',
+              verticalAlign: 'baseline',
+              height: 'auto',
+              minHeight: 'auto',
+              fontSize: 'inherit',
+            }}
+          >
+            <FormattedMessage
+              id="xpack.csp.vulnerabilities.vulnerabilityDescriptionSection.showLess"
+              defaultMessage="Show less"
+            />
+          </EuiButtonEmpty>
+        )}
+      </div>
+      {isOverflowing && !isExpanded && (
+        <div
+          style={{
+            position: 'absolute',
+            bottom: '0',
+            right: '0',
+            backgroundColor: euiTheme.colors.emptyShade,
+            paddingLeft: '4px',
+          }}
+        >
+          <EuiButtonEmpty
+            color="primary"
+            onClick={() => setIsExpanded(true)}
+            flush="left"
+            style={{
+              height: 'auto',
+              minHeight: 'auto',
+              fontSize: 'inherit',
+            }}
+          >
+            <FormattedMessage
+              id="xpack.csp.vulnerabilities.vulnerabilityDescriptionSection.showMore"
+              defaultMessage="...Show more"
+            />
+          </EuiButtonEmpty>
+        </div>
+      )}
+    </div>
+  );
+};

x-pack/solutions/security/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_finding_flyout.test.tsx

@@ -103,7 +103,7 @@ describe('<VulnerabilityFindingFlyout/>', () => {
       expect.stringContaining(mockQualysVulnerabilityHit.vulnerability.reference[0])
     );
 
-    expect(getByTestId(VULNERABILITY_HEADER_CVE_BADGE).textContent).toEqual('1 More');
+    expect(getByTestId(VULNERABILITY_HEADER_CVE_BADGE).textContent).toEqual('+1');
   });
 
   it('displays id as a text and a badge when there are multiple ids - qualys integration', () => {
@@ -135,7 +135,7 @@ describe('<VulnerabilityFindingFlyout/>', () => {
     expect(getByTestId(VULNERABILITY_HEADER_ID).textContent).toEqual(
       mockQualysVulnerabilityHit.vulnerability.id[0]
     );
-    expect(getByTestId(VULNERABILITY_HEADER_CVE_BADGE).textContent).toEqual('1 More');
+    expect(getByTestId(VULNERABILITY_HEADER_CVE_BADGE).textContent).toEqual('+1');
   });
 
   it('Qualys vulnerability renders id (CVE) item correctly', () => {

x-pack/solutions/security/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_finding_right/header.test.tsx

@@ -29,7 +29,7 @@ describe('FindingsVulnerabilityFlyoutHeader', () => {
 
     expect(cveslinkElement).toHaveTextContent(mockQualysVulnerabilityHit.vulnerability.id[0]);
     expect(cvesBadge).toHaveTextContent(
-      `${mockQualysVulnerabilityHit.vulnerability.id.length - 1} More`
+      `+${mockQualysVulnerabilityHit.vulnerability.id.length - 1}`
     );
   });
 
@@ -49,7 +49,7 @@ describe('FindingsVulnerabilityFlyoutHeader', () => {
 
     expect(cvesTextElement).toHaveTextContent(vulnerabilityHitWithNoReference.vulnerability.id[0]);
     expect(cvesBadge).toHaveTextContent(
-      `${vulnerabilityHitWithNoReference.vulnerability.id.length - 1} More`
+      `+${vulnerabilityHitWithNoReference.vulnerability.id.length - 1}`
     );
   });
 

x-pack/solutions/security/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_finding_right/header.tsx

@@ -5,13 +5,6 @@
  * 2.0.
  */
 
-/*
- * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License
- * 2.0; you may not use this file except in compliance with the Elastic License
- * 2.0.
- */
-
 import React from 'react';
 import { css } from '@emotion/react';
 import {
@@ -24,6 +17,7 @@ import {
   EuiText,
   EuiBadge,
   EuiTitle,
+  EuiFlexGrid,
 } from '@elastic/eui';
 import type { FindingsVulnerabilityFlyoutHeaderProps } from '@kbn/cloud-security-posture';
 import { CVSScoreBadge, findReferenceLink } from '@kbn/cloud-security-posture';
@@ -51,14 +45,14 @@ export const FindingsVulnerabilityFlyoutHeader = ({
         <EuiFlexItem grow={false}>
           <EuiBadge
             data-test-subj={VULNERABILITY_HEADER_CVE_BADGE}
-            color="accent"
+            color="subdued"
             css={css`
               border-radius: ${euiTheme.border.radius.small};
             `}
           >
             <FormattedMessage
               id="xpack.csp.vulnerabilities.vulnerabilityFindingFlyout.cveTooltip"
-              defaultMessage="{value} More"
+              defaultMessage="+{value}"
               values={{ value: vulnerability?.id.length - 1 }}
             />
           </EuiBadge>
@@ -71,7 +65,7 @@ export const FindingsVulnerabilityFlyoutHeader = ({
 
   const renderCves = () => {
     if (!vulnerability?.id || vulnerability?.id.length === 0) {
-      return <></>;
+      return <>{EMPTY_VALUE}</>;
     }
 
     const renderVulnerabilityId = () => {
@@ -116,7 +110,7 @@ export const FindingsVulnerabilityFlyoutHeader = ({
       >
         <EuiFlexItem grow={false}>
           <EuiTitle
-            size="s"
+            size="xxs"
             css={css`
               font-weight: ${euiTheme.font.weight.semiBold};
               line-height: ${euiTheme.size.xl};
@@ -132,85 +126,89 @@ export const FindingsVulnerabilityFlyoutHeader = ({
 
   return (
     <>
-      <EuiFlexGroup
-        direction="column"
-        css={css`
-          gap: ${euiTheme.size.s};
-        `}
-      >
-        {renderCves()}
-      </EuiFlexGroup>
       <EuiSpacer size="m" />
-      <EuiFlexGroup gutterSize="s">
+      <EuiFlexGrid columns={2} gutterSize="m">
+        <EuiFlexItem data-test-subj={VULNERABILITY_SCORES_FLYOUT} style={{ display: 'flex' }}>
+          <EuiPanel
+            style={{ height: '100%' }}
+            borderRadius="m"
+            paddingSize="m"
+            hasShadow={false}
+            hasBorder={true}
+          >
+            <EuiFlexGroup direction="column" gutterSize="m">
+              <EuiFlexItem>
+                <b>CVSS</b>
+              </EuiFlexItem>
+              {vulnerability?.score ? (
+                <CVSScoreBadge
+                  version={vulnerability?.score?.version}
+                  score={vulnerability?.score?.base}
+                />
+              ) : (
+                <EuiText>{EMPTY_VALUE}</EuiText>
+              )}
+            </EuiFlexGroup>
+          </EuiPanel>
+        </EuiFlexItem>
+
         <EuiFlexItem>
-          <EuiPanel hasBorder={true}>
-            <EuiFlexGroup gutterSize="none">
-              <EuiFlexItem data-test-subj={VULNERABILITY_SCORES_FLYOUT}>
-                <EuiPanel
-                  borderRadius="none"
-                  paddingSize="xl"
-                  css={{ borderRight: 'solid 1px #D3DAE6', padding: '12px' }}
-                  hasBorder={false}
-                  hasShadow={false}
-                >
-                  <EuiFlexGroup direction="column" gutterSize="s">
-                    <EuiFlexItem>
-                      <b>CVSS</b>
-                    </EuiFlexItem>
-                    {vulnerability?.score ? (
-                      <CVSScoreBadge
-                        version={vulnerability?.score?.version}
-                        score={vulnerability?.score?.base}
-                      />
-                    ) : (
-                      <EuiText>{EMPTY_VALUE}</EuiText>
-                    )}
-                  </EuiFlexGroup>
-                </EuiPanel>
+          <EuiPanel
+            style={{ height: '100%' }}
+            borderRadius="m"
+            paddingSize="m"
+            hasShadow={false}
+            hasBorder={true}
+          >
+            <EuiFlexGroup direction="column" gutterSize="s">
+              <EuiFlexItem>
+                <b>CVE</b>
               </EuiFlexItem>
-              <EuiFlexItem data-test-subj={DATA_SOURCE_VULNERABILITY_FLYOUT}>
-                <EuiPanel
-                  borderRadius="none"
-                  paddingSize="xl"
-                  css={{ borderRight: 'solid 1px #D3DAE6', padding: '12px' }}
-                  hasBorder={false}
-                  hasShadow={false}
-                >
-                  <EuiFlexGroup direction="column" gutterSize="s">
-                    <EuiFlexItem>
-                      <b>Data source</b>
-                      <EuiSpacer size="s" />
-                      {vulnerability?.data_source?.URL ? (
-                        <EuiLink href={vulnerability.data_source?.URL} target="_blank">
-                          {vulnerability?.data_source?.ID}
-                        </EuiLink>
-                      ) : (
-                        <EuiText>{EMPTY_VALUE}</EuiText>
-                      )}
-                    </EuiFlexItem>
-                  </EuiFlexGroup>
-                </EuiPanel>
+              <EuiFlexItem>{renderCves()}</EuiFlexItem>
+            </EuiFlexGroup>
+          </EuiPanel>
+        </EuiFlexItem>
+
+        <EuiFlexItem data-test-subj={DATA_SOURCE_VULNERABILITY_FLYOUT}>
+          <EuiPanel
+            style={{ height: '100%' }}
+            borderRadius="m"
+            paddingSize="m"
+            hasShadow={false}
+            hasBorder={true}
+          >
+            <EuiFlexGroup direction="column" gutterSize="m">
+              <EuiFlexItem>
+                <b>Data source</b>
               </EuiFlexItem>
+              {vulnerability?.data_source?.URL ? (
+                <EuiLink href={vulnerability.data_source?.URL} target="_blank">
+                  {vulnerability?.data_source?.ID}
+                </EuiLink>
+              ) : (
+                <EuiText>{EMPTY_VALUE}</EuiText>
+              )}
+            </EuiFlexGroup>
+          </EuiPanel>
+        </EuiFlexItem>
+
+        <EuiFlexItem>
+          <EuiPanel
+            style={{ height: '100%' }}
+            borderRadius="m"
+            paddingSize="m"
+            hasShadow={false}
+            hasBorder={true}
+          >
+            <EuiFlexGroup direction="column" gutterSize="m">
               <EuiFlexItem>
-                <EuiPanel
-                  borderRadius="none"
-                  paddingSize="xl"
-                  css={{ padding: '12px' }}
-                  hasBorder={false}
-                  hasShadow={false}
-                >
-                  <EuiFlexGroup direction="column" gutterSize="s">
-                    <EuiFlexItem>
-                      <b>Vendor</b>
-                    </EuiFlexItem>
-                    <EuiFlexItem> {vendor} </EuiFlexItem>
-                  </EuiFlexGroup>
-                </EuiPanel>
+                <b>Vendor</b>
               </EuiFlexItem>
+              <EuiFlexItem>{vendor}</EuiFlexItem>
             </EuiFlexGroup>
           </EuiPanel>
         </EuiFlexItem>
-      </EuiFlexGroup>
+      </EuiFlexGrid>
       <div
         css={css`
           margin: ${euiTheme.size.s};