search

clj-holmes / clj-watson

clojure deps SCA
Eclipse Public License 2.0
84 stars 9 forks source link

Unable to update watson database, version exceeds column limit #32

Closed devn closed 1 year ago

devn commented 1 year ago 
Downloading/Updating database.
2023-01-09 12:23:13,935 ERROR [o.o.d.Engine] - org.owasp.dependencycheck.data.nvdcve.DatabaseException: Error updating 'CVE-2020-36569'
org.owasp.dependencycheck.data.update.exception.UpdateException: org.owasp.dependencycheck.data.nvdcve.DatabaseException: Error updating 'CVE-2020-36569'
    at org.owasp.dependencycheck.data.update.nvd.ProcessTask.processFiles(ProcessTask.java:157)
    at org.owasp.dependencycheck.data.update.nvd.ProcessTask.call(ProcessTask.java:114)
    at org.owasp.dependencycheck.data.update.nvd.ProcessTask.call(ProcessTask.java:41)
    at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
    at java.base/java.lang.Thread.run(Thread.java:833)
Caused by: org.owasp.dependencycheck.data.nvdcve.DatabaseException: Error updating 'CVE-2020-36569'
    at org.owasp.dependencycheck.data.nvdcve.CveDB.updateVulnerability(CveDB.java:823)
    at org.owasp.dependencycheck.data.update.nvd.NvdCveParser.parse(NvdCveParser.java:114)
    at org.owasp.dependencycheck.data.update.nvd.ProcessTask.importJSON(ProcessTask.java:141)
    at org.owasp.dependencycheck.data.update.nvd.ProcessTask.processFiles(ProcessTask.java:154)
    ... 6 common frames omitted
Caused by: org.h2.jdbc.JdbcBatchUpdateException: Value too long for column "VERSIONENDEXCLUDING CHARACTER VARYING(60)": "'0.0.0-20160722212129-ac0cc4484ad4_before_v0.0.0-20200131131040-063a3fb69896' (75)"; SQL statement:
INSERT INTO software (cveid, cpeEntryId, versionEndExcluding, versionEndIncluding, versionStartExcluding, versionStartIncluding, vulnerable) VALUES (?, ?, ?, ?, ?, ?, ?) [22001-214]
    at org.h2.jdbc.JdbcPreparedStatement.executeBatch(JdbcPreparedStatement.java:1269)
    at org.apache.commons.dbcp2.DelegatingStatement.executeBatch(DelegatingStatement.java:241)
    at org.apache.commons.dbcp2.DelegatingStatement.executeBatch(DelegatingStatement.java:241)
    at org.owasp.dependencycheck.data.nvdcve.CveDB.executeBatch(CveDB.java:1248)
    at org.owasp.dependencycheck.data.nvdcve.CveDB.updateVulnerabilityInsertSoftware(CveDB.java:1098)
    at org.owasp.dependencycheck.data.nvdcve.CveDB.updateVulnerability(CveDB.java:816)
    ... 9 common frames omitted
** ERROR: **
Exception: #error {
 :cause Value too long for column "VERSIONENDEXCLUDING CHARACTER VARYING(60)": "'0.0.0-20160722212129-ac0cc4484ad4_before_v0.0.0-20200131131040-063a3fb69896' (75)"; SQL statement:
INSERT INTO software (cveid, cpeEntryId, versionEndExcluding, versionEndIncluding, versionStartExcluding, versionStartIncluding, vulnerable) VALUES (?, ?, ?, ?, ?, ?, ?) [22001-214]
 :via
 [{:type org.owasp.dependencycheck.data.update.exception.UpdateException
   :message org.owasp.dependencycheck.data.nvdcve.DatabaseException: Error updating 'CVE-2020-36569'
   :at [org.owasp.dependencycheck.data.update.nvd.ProcessTask processFiles ProcessTask.java 157]}
  {:type org.owasp.dependencycheck.data.nvdcve.DatabaseException
   :message Error updating 'CVE-2020-36569'
   :at [org.owasp.dependencycheck.data.nvdcve.CveDB updateVulnerability CveDB.java 823]}
  {:type org.h2.jdbc.JdbcBatchUpdateException
   :message Value too long for column "VERSIONENDEXCLUDING CHARACTER VARYING(60)": "'0.0.0-20160722212129-ac0cc4484ad4_before_v0.0.0-20200131131040-063a3fb69896' (75)"; SQL statement:
INSERT INTO software (cveid, cpeEntryId, versionEndExcluding, versionEndIncluding, versionStartExcluding, versionStartIncluding, vulnerable) VALUES (?, ?, ?, ?, ?, ?, ?) [22001-214]
   :at [org.h2.jdbc.JdbcPreparedStatement executeBatch JdbcPreparedStatement.java 1269]}]
 :trace
 [[org.h2.jdbc.JdbcPreparedStatement executeBatch JdbcPreparedStatement.java 1269]
  [org.apache.commons.dbcp2.DelegatingStatement executeBatch DelegatingStatement.java 241]
  [org.apache.commons.dbcp2.DelegatingStatement executeBatch DelegatingStatement.java 241]
  [org.owasp.dependencycheck.data.nvdcve.CveDB executeBatch CveDB.java 1248]
  [org.owasp.dependencycheck.data.nvdcve.CveDB updateVulnerabilityInsertSoftware CveDB.java 1098]
  [org.owasp.dependencycheck.data.nvdcve.CveDB updateVulnerability CveDB.java 816]
  [org.owasp.dependencycheck.data.update.nvd.NvdCveParser parse NvdCveParser.java 114]
  [org.owasp.dependencycheck.data.update.nvd.ProcessTask importJSON ProcessTask.java 141]
  [org.owasp.dependencycheck.data.update.nvd.ProcessTask processFiles ProcessTask.java 154]
  [org.owasp.dependencycheck.data.update.nvd.ProcessTask call ProcessTask.java 114]
  [org.owasp.dependencycheck.data.update.nvd.ProcessTask call ProcessTask.java 41]
  [java.util.concurrent.FutureTask run FutureTask.java 264]
  [java.util.concurrent.ThreadPoolExecutor runWorker ThreadPoolExecutor.java 1136]
  [java.util.concurrent.ThreadPoolExecutor$Worker run ThreadPoolExecutor.java 635]
  [java.lang.Thread run Thread.java 833]]}
devn commented 1 year ago

See: #31