summaryrefslogtreecommitdiffstats
diff options
authorPeter Marko <peter.marko@siemens.com>2025-03-28 16:48:20 +0100
committerSteve Sakoman <steve@sakoman.com>2025-03-31 08:26:56 -0700
commit2f242f2a269bb18aab703f685e27f9c3ba761db8 (patch)
tree9b7b7f08999e5d1da11d29715d4e4a7d7f065574
parent58eb15cdc2dd95bf5eb0bed2a0f1c43bf29cf273 (diff)
downloadopenembedded-core-scarthgap.tar.gz
cve-update-nvd2-native: handle missing vulnStatusscarthgap
There is a new CVE which is missing vulnStatus field: https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-2682 This leads to: File: '<snip>/poky/meta/recipes-core/meta/cve-update-nvd2-native.bb', lineno: 336, function: update_db 0332: 0333: accessVector = None 0334: vectorString = None 0335: cveId = elt['cve']['id'] *** 0336: if elt['cve']['vulnStatus'] == "Rejected": 0337: c = conn.cursor() 0338: c.execute("delete from PRODUCTS where ID = ?;", [cveId]) 0339: c.execute("delete from NVD where ID = ?;", [cveId]) 0340: c.close() Exception: KeyError: 'vulnStatus' Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat
-rw-r--r--meta/recipes-core/meta/cve-update-nvd2-native.bb2
1 files changed, 1 insertions, 1 deletions
diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb b/meta/recipes-core/meta/cve-update-nvd2-native.bb
index 441559471f..99acead18d 100644
--- a/meta/recipes-core/meta/cve-update-nvd2-native.bb
+++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb
@@ -338,7 +338,7 @@ def update_db(conn, elt):
accessVector = None
vectorString = None
cveId = elt['cve']['id']
- if elt['cve']['vulnStatus'] == "Rejected":
+ if elt['cve'].get('vulnStatus') == "Rejected":
c = conn.cursor()
c.execute("delete from PRODUCTS where ID = ?;", [cveId])
c.execute("delete from NVD where ID = ?;", [cveId])
generated by cgit 1.2.3-korg (git 2.39.0) at 2025-04-05 06:13:45 +0000