search

sjvermeu / cvechecker

Command-line utility to scan the system and report on potential vulnerabilities, based on public CVE data
GNU General Public License v3.0
258 stars 68 forks source link

"pullcves pull" can't process nvdcve-2.0-2014.csv #26

Closed DerDakon closed 7 years ago

DerDakon commented 7 years ago

When trying to process the files nvdcve-2.0-2014.csv and nvdcve-2.0-2016.csv, the process terminates at one point.

The error message which shows up is following:

! Error while reading in CVE entries: CPE type in line 80867 is not one of a/o/h

The line is different for 2016, but the reason and the error are the same.

The reason for that is a configuration error in the respective .xml file, which results in following csv line:

"CVE-2014-3672:2.1:cpe:/:::::~x86"

This line however is invalid and causes the error above.

sjvermeu commented 7 years ago

Hmm, I could make it non-fatal, even though it is an error in the syntax obtained from NVD.