Community resources
Community resources
Community resources
Bitbucket Dependency Scanner - Update NVD Failure
Version: atlassian/bitbucket-dependency-scanner:0.8.0
I am passing in a valid NVD_API_KEY
Logs:
[ERROR] Error updating the NVD Data
at org.owasp.dependencycheck.data.update.NvdApiDataSource.processApi(NvdApiDataSource.java:399)
at org.owasp.dependencycheck.data.update.NvdApiDataSource.update(NvdApiDataSource.java:117)
at org.owasp.dependencycheck.Engine.doUpdates(Engine.java:903)
at org.owasp.dependencycheck.Engine.initializeAndUpdateDatabase(Engine.java:708)
at org.owasp.dependencycheck.Engine.analyzeDependencies(Engine.java:634)
at org.owasp.dependencycheck.App.runScan(App.java:269)
at org.owasp.dependencycheck.App.run(App.java:201)
at org.owasp.dependencycheck.App.main(App.java:93)
Caused by: io.github.jeremylong.openvulnerability.client.nvd.NvdApiException: Failed to parse NVD data
at io.github.jeremylong.openvulnerability.client.nvd.NvdCveClient._next(NvdCveClient.java:389)
at io.github.jeremylong.openvulnerability.client.nvd.NvdCveClient.next(NvdCveClient.java:357)
at org.owasp.dependencycheck.data.update.NvdApiDataSource.processApi(NvdApiDataSource.java:355)
... 7 common frames omitted
Caused by: com.fasterxml.jackson.databind.JsonMappingException: Unexpected character (']' (code 93)): expected a valid value (JSON String, Number, Array, Object or token 'null', 'true' or 'false')
at [Source: REDACTED (`StreamReadFeature.INCLUDE_SOURCE_IN_LOCATION` disabled); line: 1, column: 2281000] (through reference chain: io.github.jeremylong.openvulnerability.client.nvd.CveApiJson20["vulnerabilities"])
at com.fasterxml.jackson.databind.JsonMappingException.wrapWithPath(JsonMappingException.java:401)
at com.fasterxml.jackson.databind.JsonMappingException.wrapWithPath(JsonMappingException.java:360)
at com.fasterxml.jackson.databind.deser.BeanDeserializerBase.wrapAndThrow(BeanDeserializerBase.java:1964)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.vanillaDeserialize(BeanDeserializer.java:312)
at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:177)
at com.fasterxml.jackson.databind.deser.DefaultDeserializationContext.readRootValue(DefaultDeserializationContext.java:342)
at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:4917)
at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3860)
at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3828)
at io.github.jeremylong.openvulnerability.client.nvd.NvdCveClient._next(NvdCveClient.java:384)
... 9 common frames omitted