cve-update-nvd2-native: handle missing vulnStatus

There is a new CVE which is missing vulnStatus field: https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-2682 This leads to: File: '<snip>/poky/meta/recipes-core/meta/cve-update-nvd2-native.bb', lineno: 336, function: update_db 0332: 0333: accessVector = None 0334: vectorString = None 0335: cveId = elt['cve']['id'] *** 0336: if elt['cve']['vulnStatus'] == "Rejected": 0337: c = conn.cursor() 0338: c.execute("delete from PRODUCTS where ID = ?;", [cveId]) 0339: c.execute("delete from NVD where ID = ?;", [cveId]) 0340: c.close() Exception: KeyError: 'vulnStatus' (From OE-Core rev: 1508a97b175ccfc52a7ab64cbb4c9ce33d12bcb3) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Peter Marko <peter.marko@siemens.com> 2025-03-28 16:47:12 +0100
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2025-03-28 22:07:06 +0000
commit: fd85dd43e841c85a1730c602a651998bb247c5e0 (patch)
tree: ea18e4913a7b64e039a38964bf7a1d755ace83ee /meta/recipes-core
parent: 9a9029e0af241f01c5b9266d721fc410174773bb (diff)
download: poky-fd85dd43e841c85a1730c602a651998bb247c5e0.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb b/meta/recipes-core/meta/cve-update-nvd2-native.bb
index a68a8bb89f..b9c18bf6b6 100644
--- a/meta/recipes-core/meta/cve-update-nvd2-native.bb
+++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb
@@ -336,7 +336,7 @@ def update_db(conn, elt):
    accessVector = None
    vectorString = None
    cveId = elt['cve']['id']
-    if elt['cve']['vulnStatus'] ==  "Rejected":
+    if elt['cve'].get('vulnStatus') ==  "Rejected":
        c = conn.cursor()
        c.execute("delete from PRODUCTS where ID = ?;", [cveId])
        c.execute("delete from NVD where ID = ?;", [cveId])
author	Peter Marko <peter.marko@siemens.com>	2025-03-28 16:47:12 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2025-03-28 22:07:06 +0000
commit	fd85dd43e841c85a1730c602a651998bb247c5e0 (patch)
tree	ea18e4913a7b64e039a38964bf7a1d755ace83ee /meta/recipes-core
parent	9a9029e0af241f01c5b9266d721fc410174773bb (diff)
download	poky-fd85dd43e841c85a1730c602a651998bb247c5e0.tar.gz

diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb b/meta/recipes-core/meta/cve-update-nvd2-native.bb index a68a8bb89f..b9c18bf6b6 100644 --- a/meta/recipes-core/meta/cve-update-nvd2-native.bb +++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb
@@ -336,7 +336,7 @@ def update_db(conn, elt):
336	accessVector = None	336	accessVector = None
337	vectorString = None	337	vectorString = None
338	cveId = elt['cve']['id']	338	cveId = elt['cve']['id']
339	if elt['cve']['vulnStatus'] == "Rejected":	339	if elt['cve'].get('vulnStatus') == "Rejected":
340	c = conn.cursor()	340	c = conn.cursor()
341	c.execute("delete from PRODUCTS where ID = ?;", [cveId])	341	c.execute("delete from PRODUCTS where ID = ?;", [cveId])
342	c.execute("delete from NVD where ID = ?;", [cveId])	342	c.execute("delete from NVD where ID = ?;", [cveId])