jeremylong / DependencyCheck

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
https://owasp.org/www-project-dependency-check/
Apache License 2.0

External mariadb CVE database running into incompatible character encoding issue #5733

Open ptecihner opened 1 year ago

ptecihner commented 1 year ago

Describe the bug
When using external db during the merge operation with cve and cisa the operation fails

Version of dependency-check used
Maven 8.2.1

Log file
Will attach later

To Reproduce
Steps to reproduce the behavior:

  1. Run maven in update only mode

Expected behavior
Db to have been updated (attached image: IMG_20230525_100415.jpg)

ptecihner commented 1 year ago

dependency-check-mvn-external-db.log

aikebah commented 1 year ago

@ptecihner Did you modify the default characterset of mariadb from the default?

ptecihner commented 1 year ago

No

aikebah commented 1 year ago

Looks like there were unicode replacement characters (U+FFFD (�) encoded by the reported 0xEF BF DD in utf-8) surrounding IOMobileFrameBuffer in the short description of the Known Exploited Vulnerabilities datafeed of the CISA that have by now been corrected by replacing them with regular spaces. Do you still experience the issue on a fresh update?
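As an added example (not dependency-check's own code), a check of the kind the thread argues for: scan each KEV entry's shortDescription for U+FFFD and for characters the external database's column charset cannot store, and neutralise the replacement characters before insert. The feed sample, the CVE ids and the function names are constructed for this illustration.

```python
import json
import re

REPLACEMENT_CHAR = "\ufffd"  # U+FFFD; its UTF-8 encoding is the 3 bytes EF BF BD

# Constructed sample in the shape of known_exploited_vulnerabilities.json. The first
# entry reproduces the thread's pattern (U+FFFD around IOMobileFrameBuffer); ids are placeholders.
SAMPLE_KEV_JSON = json.dumps({
    "vulnerabilities": [
        {"cveID": "CVE-0000-0001",
         "shortDescription": "Apple iOS \ufffdIOMobileFrameBuffer\ufffd memory corruption"},
        {"cveID": "CVE-0000-0002",
         "shortDescription": "Apache HTTP Server path traversal"},
    ]
})


def problem_chars(text, db_charset="utf-8", three_byte_utf8=False):
    """Characters in `text` that are U+FFFD or cannot be stored in a column using
    `db_charset` (e.g. 'latin-1'). MySQL/MariaDB 'utf8' is really utf8mb3, so with
    three_byte_utf8=True anything above U+FFFF (needs utf8mb4) is flagged too."""
    bad = []
    for ch in text:
        if ch == REPLACEMENT_CHAR:
            bad.append(ch)
            continue
        try:
            ch.encode(db_charset)
        except UnicodeEncodeError:
            bad.append(ch)
            continue
        if three_byte_utf8 and ord(ch) > 0xFFFF:
            bad.append(ch)
    return bad


def scan_feed(feed_json, db_charset="utf-8", three_byte_utf8=False):
    """Return [(cveID, [code points])] for every entry whose shortDescription
    would be a problem for the configured database."""
    findings = []
    for vuln in json.loads(feed_json).get("vulnerabilities", []):
        bad = problem_chars(vuln.get("shortDescription", ""), db_charset, three_byte_utf8)
        if bad:
            findings.append((vuln.get("cveID"), sorted({"U+%04X" % ord(c) for c in bad})))
    return findings


def sanitise_description(text):
    """Replace U+FFFD with a space (what the corrected feed did) and collapse the
    resulting double spaces, so the row inserts whether or not upstream is fixed."""
    return re.sub(r"\s+", " ", text.replace(REPLACEMENT_CHAR, " ")).strip()
```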

cpfeiffer commented 1 year ago

I still see the same problem. See https://github.com/stefanneuhaus/dependencycheck-central-mysql-docker/issues/18. Even if the data feed were fixed upstream, one shouldn't rely on that, IMHO.

aikebah commented 1 year ago

Fully agree with that, cpfeiffer, but I would need to get my hands on a problematic file to be able to reproduce and verify the fix.

cpfeiffer commented 1 year ago

If you download https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json, have a look at the shortDescription for CVE-2021-42013 and CVE-2021-41773.

cpfeiffer commented 1 year ago

(those links to github's advisory data were not made by me, I entered plain CVE-...)