
nvd data mismatch results in critical error -- maybe switch to something less? #306

Closed
@terriko

python -m cve_bin_tool.cli test/binaries/
cve_bin_tool.CVEDB - INFO - Using cached CVE data (<24h old). Use -u now to update immediately.
cve_bin_tool.cvedb.cache_update - CRITICAL - SHA mismatch for nvdcve-1.1-2020.json (have: '5E18F3B72CA0918FD75CCF18FAA3431827E0A7D604352DC94B596E069C6BBAD7', want: '7AE91502596F9665ED354B1496E6FBBF2D983BB160E4B5EE71CFA3C07675E7BB')
cve_bin_tool.cvedb.cache_update - INFO - Updating CVE cache for nvdcve-1.1-2020.json
cve_bin_tool.cvedb.cache_update - CRITICAL - SHA mismatch for nvdcve-1.1-2019.json (have: '5EB0F76D4868B5C5C03A79D31C675FAA2280670F3484A96B65A053A5C19A2D37', want: '0E7890481B17C2E66C1ED6883E300715F5073D70EBAFA3F085DB23F4E141058C')
cve_bin_tool.cvedb.cache_update - INFO - Updating CVE cache for nvdcve-1.1-2019.json

When the sha doesn't match for any of the nvd data files, cve_bin_tool throws a critical error. The more I think about this, the more I think this might be excessive, as it's going to happen every single time the data updates (possibly multiple times a day) for multiple files. This could probably be a warning at the very least.

Currently every time the data is updated it could print around 40 messages of "out of date" and "updated" -- maybe this could be replaced by a summary message that says something like "the following years have new data: ..." and "the following years have been updated: ..."
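
The summary-style reporting proposed above, sketched as an added example (not cve-bin-tool's own code): hash differences found before an update are grouped into two summary lines, and only a mismatch right after a fresh download is logged as critical. The function names, the logger name, the post-download check and the sample feed contents are assumptions made for illustration.

```python
import hashlib
import logging
import re

LOGGER = logging.getLogger("example.cache_update")  # hypothetical logger name

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest().upper()

def feed_year(filename: str) -> str:
    """Pull the year out of a name like nvdcve-1.1-2020.json."""
    match = re.search(r"(\d{4})\.json$", filename)
    return match.group(1) if match else filename

def classify_feeds(cached: dict, expected: dict):
    """Split feeds into (new, stale): absent from the cache vs. hash differs."""
    new, stale = [], []
    for name in sorted(expected):
        if name not in cached:
            new.append(feed_year(name))
        elif sha256_hex(cached[name]) != expected[name].upper():
            stale.append(feed_year(name))
    return new, stale

def summarize(new: list, stale: list) -> list:
    # At most two messages in total, instead of two messages per file.
    lines = []
    if new:
        lines.append("the following years have new data: " + ", ".join(new))
    if stale:
        lines.append("the following years have been updated: " + ", ".join(stale))
    return lines

def verify_download(name: str, data: bytes, want: str) -> bool:
    """Assumed extra step: a mismatch after a fresh download stays critical."""
    ok = sha256_hex(data) == want.upper()
    if not ok:
        LOGGER.critical("SHA mismatch after download for %s", name)
    return ok

# Constructed sample data: 2018 unchanged, 2019 changed upstream, 2020 not cached.
NAME = "nvdcve-1.1-{}.json"
UPSTREAM = {NAME.format(y): f"feed {y} v2".encode() for y in (2018, 2019, 2020)}
EXPECTED = {name: sha256_hex(body) for name, body in UPSTREAM.items()}
CACHED = {NAME.format(2018): b"feed 2018 v2", NAME.format(2019): b"feed 2019 v1"}

if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO)
    for line in summarize(*classify_feeds(CACHED, EXPECTED)):
        LOGGER.info(line)
```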
