search

e-m-b-a / emba

EMBA - The firmware security analyzer
https://www.securefirmware.de
GNU General Public License v3.0
2.62k stars 229 forks source link

NVD CVE database missing #1108

Closed ylwang0425 closed 5 months ago

ylwang0425 commented 6 months ago

Describe the bug NVD CVE database missing when i install emba

To Reproduce Steps to reproduce the behavior:

  1. EMBA installation (dev-mode/default mode) default mode

  2. Use the firmware available here:

  3. Start EMBA with the following parameters: sudo ./emba.sh

  4. additional steps

  5. See error

Expected behavior A clear and concise description of what you expected to happen.

Screenshots

file Description: Recognize the type of data in a file using "magic" numbers Download-Size: 43.1 kB file won't be updated.

python3-pip Description: Python package installer Download-Size: 1517 kB python3-pip won't be updated.

requests requests will be installed.

These applications will be installed/updated!

Reading package lists... Done Building dependency tree... Done Reading state information... Done 0 upgraded, 0 newly installed, 0 to remove and 493 not upgraded. Collecting requests Using cached requests-2.31.0-py3-none-any.whl.metadata (4.6 kB) Collecting charset-normalizer<4,>=2 (from requests) Using cached charset_normalizer-3.3.2-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.metadata (33 kB) Collecting idna<4,>=2.5 (from requests) Using cached idna-3.6-py3-none-any.whl.metadata (9.9 kB) Collecting urllib3<3,>=1.21.1 (from requests) Using cached urllib3-2.2.1-py3-none-any.whl.metadata (6.4 kB) Collecting certifi>=2017.4.17 (from requests) Using cached certifi-2024.2.2-py3-none-any.whl.metadata (2.2 kB) Using cached requests-2.31.0-py3-none-any.whl (62 kB) Using cached certifi-2024.2.2-py3-none-any.whl (163 kB) Using cached charset_normalizer-3.3.2-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (140 kB) Using cached idna-3.6-py3-none-any.whl (61 kB) Using cached urllib3-2.2.1-py3-none-any.whl (121 kB) Installing collected packages: urllib3, idna, charset-normalizer, certifi, requests Successfully installed certifi-2024.2.2 charset-normalizer-3.3.2 idna-3.6 requests-2.31.0 urllib3-2.2.1 installer.sh: line 325: CVE_SEARCH: unbound variable

Desktop (please complete the following information):

Priority issue Are you already a Sponsor? - [Y/N]

Additional context Add any other context about the problem here.

m-1-k-3 commented 6 months ago

Hi @ylwang0425

really wondering how this could happen as the CVE_SEARCH variable should be set during the init phase if used with -d

https://github.com/e-m-b-a/emba/blob/fd8629b1aa23a3bb8519f60b4cb692e6834a4dda/installer.sh#L100

torabi12 commented 6 months ago

Installer works fine on Kali:

kép

m-1-k-3 commented 5 months ago

problem solved? Anything else we can support you?