New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Errors with --nvdDatafeed parameter #6279
Comments
got the same error on 9.0.4, on 9.0.3 it works |
@ibulic00 Could you please tell me where you have hosted the data that you downloaded from the Vulnz CLI tool? |
Depending on how you are hosting the cache - the cache.properties may not be served by the HTTP server. If you are using vulnz 5.1.0 or newer to create the cache PR #6282 should resolve the issue. I'll release the updated version soon. |
Also - you may need to quote the URL per #6251 (comment). |
Getting the same error after adding quotes as well. |
With earlier versions upto 8.4.3, storing the nvd data mirror, created using https://github.com/stevespringett/nist-data-mirror/, in a git repository and using that repo with --cveUrlBase and --cveUrlModified was working.
But now, storing the data, generated through vulnz tool, in github and using that URL as an input to --nvdDatafeed flag is not working.
Getting this error -
[ERROR] Unable to download the NVD API cache.properties
org.owasp.dependencycheck.data.update.exception.UpdateException: Unable to download the NVD API cache.properties
at org.owasp.dependencycheck.data.update.NvdApiDataSource.getRemoteCacheProperties(NvdApiDataSource.java:558)
at org.owasp.dependencycheck.data.update.NvdApiDataSource.processDatafeed(NvdApiDataSource.java:130)
at org.owasp.dependencycheck.data.update.NvdApiDataSource.update(NvdApiDataSource.java:108)
at org.owasp.dependencycheck.Engine.doUpdates(Engine.java:906)
at org.owasp.dependencycheck.Engine.doUpdates(Engine.java:878)
at org.owasp.dependencycheck.App.runUpdateOnly(App.java:427)
at org.owasp.dependencycheck.App.run(App.java:172)
at org.owasp.dependencycheck.App.main(App.java:89)
Caused by: org.owasp.dependencycheck.utils.ResourceNotFoundException: Requested resource does not exist - received a 404
at org.owasp.dependencycheck.utils.HttpResourceConnection.obtainConnection(HttpResourceConnection.java:233)
at org.owasp.dependencycheck.utils.HttpResourceConnection.fetch(HttpResourceConnection.java:163)
at org.owasp.dependencycheck.utils.Downloader.fetchContent(Downloader.java:183)
at org.owasp.dependencycheck.data.update.NvdApiDataSource.getRemoteCacheProperties(NvdApiDataSource.java:551)
... 7 common frames omitted
[INFO] Updating CISA Known Exploited Vulnerability list: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
[INFO] Begin database defrag
[INFO] End database defrag (240 ms)
[ERROR] Unable to download the NVD API cache.properties
No documentation exists for the usage of the --nvdDatafeed flag. What could be the reason for this error and its solution?
The text was updated successfully, but these errors were encountered: