Skip to content

Package lookup fails with error in 'affects' #2

New issue
New issue
Open
Open
Package lookup fails with error in 'affects'#2
@tunloop

Description

@tunloop
tunloop
opened on Jul 12, 2022

Debian 11
Python 3.9.2
NVD CVE 1.1 Json DBs

In order to get downloads to work, I had to change CVE 1.0 to CVE 1.1. Not sure if that is the cause of the following problem.
When running test check against 2 packages, lookup fails with "KeyError: 'affects'"

# python3 cvechecker.py 

[*] 2 packages to check:
[*] nginx 1.23.0-1
[*] zabbix-agent2 6.0.6-1

[*] 21 CVE databases loaded:
[*] nvdcve-1.1-2019.json
[*] nvdcve-1.1-2014.json
[*] nvdcve-1.1-2005.json
[*] nvdcve-1.1-2011.json
[*] nvdcve-1.1-2015.json
[*] nvdcve-1.1-2017.json
[*] nvdcve-1.1-2006.json
[*] nvdcve-1.1-2002.json
[*] nvdcve-1.1-2020.json
[*] nvdcve-1.1-2010.json
[*] nvdcve-1.1-2012.json
[*] nvdcve-1.1-2004.json
[*] nvdcve-1.1-2016.json
[*] nvdcve-1.1-2007.json
[*] nvdcve-1.1-2008.json
[*] nvdcve-1.1-2003.json
[*] nvdcve-1.1-2022.json
[*] nvdcve-1.1-2018.json
[*] nvdcve-1.1-2021.json
[*] nvdcve-1.1-2013.json
[*] nvdcve-1.1-2009.json

[*] 0 CVEs whitelisted:

[*] lookup "nginx 1.23.0-1"
Traceback (most recent call last):
  File "/etc/zabbix/cve-checker.d/cvechecker.py", line 177, in <module>
    check(packages, cve_dbs, cve_whitelist)
  File "/etc/zabbix/cve-checker.d/cvechecker.py", line 132, in check
    check_package(package, cve_dbs, cve_whitelist)
  File "/etc/zabbix/cve-checker.d/cvechecker.py", line 80, in check_package
    for vendor in cve['cve']['affects']['vendor']['vendor_data']:
KeyError: 'affects'

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions