-
Notifications
You must be signed in to change notification settings - Fork 460
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
NVD is not working. #906
Comments
|
I am indeed getting some tests failures locally, but more than just this one. It looks like I'm getting some nvd issues that are probably masking what's going on. |
I ran the tests again. Nothing seems to work right now. I tried scanning some binaries. You can see the output here |
@terriko @imsahil007 I have got to the bottom of this after a bit of digging around the cvedb.py module which has revealed that the problem is with the way the NVD page is being scrapped off the web. I don't know if the format of the URLs has changed recently but the feeds are now relative URLs (i.e. /feeds/....) rather than absolute URLs (https://nvd.nist.gov/feeds/...). Unfortunately the processing of the URLs assumes that they are absolute URLs so when the URLs are passed to the rountines which download the CVEs, as there are no URLs which have matched the regular expression, no data is retrieved. A simple hack is to make the following change to the nist_scrape routine to make the meta_url absolute
The META_REGEX needs to also change to META_REGEX = re.compile(r"/./json/.-[0-9].[0-9]-[0-9]*.meta") |
Yeah, I noticed that as well. Thanks for your input @anthonyharrison |
Thank you! I got as far as seeing that nvd wasn't working at all, but hadn't had a chance to debug why. This is incredibly helpful. |
Every time I try to run tests for test/test_ci.py. The tests fail for curl with this assertion error.
I tried creating pulling a fresh copy of the repo. But the tests still failed.
The text was updated successfully, but these errors were encountered: