Facing an issue while scanning with OWASP Dependency Check 11.1.1 #7462
Labels
Comments
|
Dup of #7406 |
|
Hey, I am facing issue on windows system, scanning with OWASP dependency check bin file and you provided thread of docker. please help me with the solution. |
|
Weird - docker and the bin running on windows must be completely different. Or maybe @marcelstoer actually knows what he is talking about. Try reading #7406 or better #7463. |
|
Well, the description says
As I am not aware of any other issue around the |
sadhanasabne
changed the title
|
by using 12.1.0 version and java 11 getting such output, help me with resolution: 
|
|
what is OWASP dependency Check Core 12.1.0, is this resolve my issue? I have windows platform. |
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
following is an error message getting while scanning with OWASP Dependency Check 11.1.0. Please help me to resolve an error.
""
[ERROR] Error updating the NVD Data
org.owasp.dependencycheck.data.update.exception.UpdateException: Error updating the NVD Data
at org.owasp.dependencycheck.data.update.NvdApiDataSource.processApi(NvdApiDataSource.java:397)
at org.owasp.dependencycheck.data.update.NvdApiDataSource.update(NvdApiDataSource.java:117)
at org.owasp.dependencycheck.Engine.doUpdates(Engine.java:906)
at org.owasp.dependencycheck.Engine.initializeAndUpdateDatabase(Engine.java:711)
at org.owasp.dependencycheck.Engine.analyzeDependencies(Engine.java:637)
at org.owasp.dependencycheck.App.runScan(App.java:266)
at org.owasp.dependencycheck.App.run(App.java:198)
at org.owasp.dependencycheck.App.main(App.java:90)
Caused by: io.github.jeremylong.openvulnerability.client.nvd.NvdApiException: Failed to parse NVD data
at io.github.jeremylong.openvulnerability.client.nvd.NvdCveClient._next(NvdCveClient.java:363)
at io.github.jeremylong.openvulnerability.client.nvd.NvdCveClient.next(NvdCveClient.java:331)
at org.owasp.dependencycheck.data.update.NvdApiDataSource.processApi(NvdApiDataSource.java:353)
... 7 common frames omitted
Caused by: com.fasterxml.jackson.databind.exc.ValueInstantiationException: Cannot construct instance of io.github.jeremylong.openvulnerability.client.nvd.CvssV4Data$ModifiedCiaType, problem: SAFETY
at [Source: REDACTED (StreamReadFeature.INCLUDE_SOURCE_IN_LOCATION disabled); line: 1, column: 3175185] (through reference chain: io.github.jeremylong.openvulnerability.client.nvd.CveApiJson20["vulnerabilities"]->java.util.ArrayList[1471]->io.github.jeremylong.openvulnerability.client.nvd.DefCveItem["cve"]->io.github.jeremylong.openvulnerability.client.nvd.CveItem["metrics"]->io.github.jeremylong.openvulnerability.client.nvd.Metrics["cvssMetricV40"]->java.util.ArrayList[0]->io.github.jeremylong.openvulnerability.client.nvd.CvssV4["cvssData"]->io.github.jeremylong.openvulnerability.client.nvd.CvssV4Data["modifiedSubsequentSystemIntegrity"])
""
The text was updated successfully, but these errors were encountered: