WARNING - Work in Progress - It is not Bug Free! Use with Caution. This repository contains Dockerfiles and accompanying scripts that allow deployment of sw360 via docker
Eclipse Public License 1.0
13
stars
18
forks
source link
Hardcoded Commit of cve-search no longer works. NVD XML retirement. #73
cve-search-server/Dockerfile contains a hardcoded commit hash for the cve-search project:
ENV BRANCH=4c165eff1af0e4c7bdf103c341203717ae677f64
The population of the cve database fails because NVD have retired the XML feed of CVE records. https://nvd.nist.gov/General/News/XML-Vulnerability-Feed-Retirement-Phase-3
Version 2.3 of cve-search (Sep 18, 2019) https://github.com/cve-search/cve-search/releases/tag/v2.3 adds support for the new JSON format from NVD.