feat: add message about mirror when nvd is down #5023

Open
wants to merge 1 commit into
base: main

AryanBakliwal
Contributor

fixes #3547

Added some code to catch exceptions when we can't connect to NVD, and fall back to the mirror.
Additionally, print a message rather than a traceback when mirror is also down.

Contributor Author

AryanBakliwal commented Apr 12, 2025

@terriko @mastersans PTAL and let me know if any changes are required.

$ cve-bin-tool -d CURL,EPSS,GAD,OSV,PURL2CPE,REDHAT,RSD,OSV -u now -n json-nvd

[12:48:29] INFO     cve_bin_tool - CVE Binary Tool v3.4                                                                            cli.py:630
           INFO     cve_bin_tool - This product uses the NVD API but is not endorsed or certified by the NVD.                      cli.py:631
           INFO     cve_bin_tool - For potentially faster NVD downloads, mirrors are available using -n json-mirror                cli.py:634
           INFO     cve_bin_tool - Not using an NVD API key. Your access may be rate limited by NVD.                               cli.py:655
           INFO     cve_bin_tool - Get an NVD API key here: https://nvd.nist.gov/developers/request-an-api-key                     cli.py:656
           WARNING  cve_bin_tool - Using legacy JSON interface.                                                                    cli.py:661
           WARNING  cve_bin_tool - You may want to switch to using cve-bin-tool's mirrors using -n json-mirror                     cli.py:662
           INFO     cve_bin_tool - Disabling data source CURL                                                                      cli.py:777
           INFO     cve_bin_tool - Disabling data source EPSS                                                                      cli.py:777
           INFO     cve_bin_tool - Disabling data source GAD                                                                       cli.py:777
           INFO     cve_bin_tool - Disabling data source OSV                                                                       cli.py:777
           INFO     cve_bin_tool - Disabling data source PURL2CPE                                                                  cli.py:777
           INFO     cve_bin_tool - Disabling data source REDHAT                                                                    cli.py:777
           INFO     cve_bin_tool - Disabling data source RSD                                                                       cli.py:777
           INFO     cve_bin_tool - Disabling data source OSV                                                                       cli.py:777
[12:48:30] WARNING  cve_bin_tool.CVEDB - Updating cachedir /home/adminuser/.cache/cve-bin-tool                                   cvedb.py:667
           INFO     cve_bin_tool - Getting NVD CVE data...                                                                  nvd_source.py:410
           INFO     cve_bin_tool.CVEDB - NVD appears to be down, falling back to mirror                                     nvd_source.py:429
           INFO     cve_bin_tool.CVEDB - Rolling back the cache to its previous state                                            cvedb.py:812
           INFO     cve_bin_tool - [Using NVD API 2.0]                                                                      nvd_source.py:461
           INFO     cve_bin_tool.CVEDB - Fetching metadata from NVD...                                                         nvd_api.py:165
[12:48:32] INFO     cve_bin_tool.CVEDB - There are 229695 CVE entries in the database                                            cvedb.py:391
           INFO     cve_bin_tool.CVEDB - There are 229695 CVE entries from NVD in the database                                   cvedb.py:393
           INFO     cve_bin_tool - CVE database contains CVEs from National Vulnerability Database (NVD), Open Source              cli.py:921
                    Vulnerability Database (OSV), Gitlab Advisory Database (GAD) and RedHat
           INFO     cve_bin_tool - CVE database last updated on 15 April 2025 at 12:48:32

Contributor

@terriko terriko left a comment

Approving the tests to run since this looks like it'll do the trick.

Contributor

@terriko terriko left a comment

Flagging as needing changes since there's a bunch of test failures and also some linter issues:


cve_bin_tool/data_sources/nvd_source.py:426:13: F841 local variable 'e' is assigned to but never used
cve_bin_tool/data_sources/nvd_source.py:435:9: E303 too many blank lines (2)
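
The fallback behaviour discussed in this thread, as an added example that is not the PR's code or cve-bin-tool's own: it tries sources in order, rolls the cache back after a failed attempt, and logs one message instead of a traceback when every source is down. All names (`update_cache`, the fetchers, the logger) are hypothetical, the sample data is constructed, and `ConnectionError`/`TimeoutError` are assumed to stand in for whatever the real HTTP client raises.

```python
import logging
from typing import Callable, Optional, Sequence, Tuple

LOGGER = logging.getLogger("fallback_example")  # hypothetical logger name

# A fetcher writes entries into the cache and raises on network failure.
Fetcher = Callable[[dict], None]


def update_cache(sources: Sequence[Tuple[str, Fetcher]], cache: dict) -> Optional[str]:
    """Try each (name, fetcher) in order; return the name that succeeded, or None."""
    snapshot = dict(cache)  # state to roll back to if a fetch dies part-way
    for name, fetch in sources:
        try:
            fetch(cache)
            return name
        except (ConnectionError, TimeoutError) as exc:
            # Logging exc uses the bound name, so flake8 does not raise F841.
            LOGGER.info("%s appears to be down (%s), rolling back cache", name, exc)
            cache.clear()
            cache.update(snapshot)
    # Every source failed: one readable message, no traceback, old data kept.
    LOGGER.error("No source reachable; keeping the existing %d cached entries", len(cache))
    return None


# Constructed stand-ins for the real network calls.
def nvd_down(cache: dict) -> None:
    cache["entry-1"] = "partial"  # simulates a half-written update
    raise ConnectionError("connection refused")


def mirror_ok(cache: dict) -> None:
    cache.update({"entry-1": "full", "entry-2": "full"})


def mirror_down(cache: dict) -> None:
    raise TimeoutError("timed out")


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO)
    cache = {"old": "data"}
    print(update_cache([("NVD", nvd_down), ("mirror", mirror_ok)], cache), cache)
    print(update_cache([("NVD", nvd_down), ("mirror", mirror_down)], cache), cache)
```

Catching only the network-level exceptions keeps programming errors visible as tracebacks, while an outage of both sources leaves the previously cached data intact.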
