Closed v01dXYZ closed 1 year ago
Hi @v01dXYZ, thanks for reporting this issue; we appreciate your report.
I want to explain that now (Safety 2.0+), all the vulnerabilities have a link to a CVE ID (or a PVE ID), so this issue is a bug coming from the bot's free and open-source database process and upload.
Therefore we are working on finding and fixing the issue that exported those null CVEs; also, we have added handling for "None" CVE ids in the Safety code.
PR #412 has the extra validation for None CVE ids; it will be available in the following Safety version.
I will close this issue; please, open a new one or comment if you have any other questions or concerns.
Description
The database file contains entries with the
cve
field equals tonull
. Contrary to1.10.3
which only parses the field if it is neitherNone
or""
, the version2.2.0
assumes it is always a string.What I Did