cve-update-nvd2-native: handle missing vulnStatus - linux/poky.git

diff options

author	Peter Marko <peter.marko@siemens.com>	2025-03-28 16:48:20 +0100
committer	Steve Sakoman <steve@sakoman.com>	2025-04-01 09:08:43 -0700
commit	2af52d4819aea9ca746f0671e2b2f8b5c7de2960 (patch)
tree	176ebc0f97b003aa82dd625df8adacf1f3f81175 /scripts/lib/scriptpath.py
parent	fe7c269b02b3eb3b292bc3a57f5681ecc7f89013 (diff)
download	poky-2af52d4819aea9ca746f0671e2b2f8b5c7de2960.tar.gz

cve-update-nvd2-native: handle missing vulnStatus

There is a new CVE which is missing vulnStatus field: https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-2682 This leads to: File: '<snip>/poky/meta/recipes-core/meta/cve-update-nvd2-native.bb', lineno: 336, function: update_db 0332: 0333: accessVector = None 0334: vectorString = None 0335: cveId = elt['cve']['id'] *** 0336: if elt['cve']['vulnStatus'] == "Rejected": 0337: c = conn.cursor() 0338: c.execute("delete from PRODUCTS where ID = ?;", [cveId]) 0339: c.execute("delete from NVD where ID = ?;", [cveId]) 0340: c.close() Exception: KeyError: 'vulnStatus' (From OE-Core rev: 2f242f2a269bb18aab703f685e27f9c3ba761db8) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'scripts/lib/scriptpath.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: