cve-update-nvd2-native: handle missing vulnStatus - linux/poky.git

diff options

author	Peter Marko <peter.marko@siemens.com>	2025-03-28 16:47:12 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2025-03-28 22:07:06 +0000
commit	fd85dd43e841c85a1730c602a651998bb247c5e0 (patch)
tree	ea18e4913a7b64e039a38964bf7a1d755ace83ee /scripts
parent	9a9029e0af241f01c5b9266d721fc410174773bb (diff)
download	poky-fd85dd43e841c85a1730c602a651998bb247c5e0.tar.gz

cve-update-nvd2-native: handle missing vulnStatus

There is a new CVE which is missing vulnStatus field: https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-2682 This leads to: File: '<snip>/poky/meta/recipes-core/meta/cve-update-nvd2-native.bb', lineno: 336, function: update_db 0332: 0333: accessVector = None 0334: vectorString = None 0335: cveId = elt['cve']['id'] *** 0336: if elt['cve']['vulnStatus'] == "Rejected": 0337: c = conn.cursor() 0338: c.execute("delete from PRODUCTS where ID = ?;", [cveId]) 0339: c.execute("delete from NVD where ID = ?;", [cveId]) 0340: c.close() Exception: KeyError: 'vulnStatus' (From OE-Core rev: 1508a97b175ccfc52a7ab64cbb4c9ce33d12bcb3) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'scripts')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: