cve-update-db-native: skip on empty cpe23Uri - linux/poky.git

diff options

author	Konrad Weihmann <kweihmann@outlook.com>	2021-04-22 18:48:27 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2021-04-30 14:37:26 +0100
commit	7db4ec5372b5eb31ed4314c313a75fb8ed1c2c4b (patch)
tree	5b23d043d041527be32a98b30bfdc08025c9661c /scripts/wic
parent	6821ee2eede3a04d221de474e45327c8927d7254 (diff)
download	poky-7db4ec5372b5eb31ed4314c313a75fb8ed1c2c4b.tar.gz

cve-update-db-native: skip on empty cpe23Uri

Recently an entry in the NVD DB appeared that looks like that {'vulnerable': True, 'cpe_name': []}. As besides all the vulnerable flag no data is present we would get a KeyError exception on acccess. Use get method on dictionary and return if no meta data is present Also quit if the length of the array after splitting is less than 6 (From OE-Core rev: 650eaa56b83b5698ad7b95337607959e018ff6c0) Signed-off-by: Konrad Weihmann <kweihmann@outlook.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 00ce2796d97de2bc376b038d0ea7969088791d34) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'scripts/wic')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: