You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If a release has no CPE ID set the query for cve-search api seems to be generated from the name, vendor and version.
The resulting CPE ID (according to the log) is something like this
cpe:2.3:*:apache:log4net:1.2.9_beta.* resulting in a api query like this: https://cvepremium.circl.lu/api/cvefor/cpe%3A2.3%3A*%3Aapache%3Alog4net%3A1.2.9_beta.*
It looks like there is a regex in the place of "part" and at the end of the version.
It seems like cve-search (and cvepremium) do not support regexes in the query (any more?).
Maybe because of this: cve-search/cve-search#629
Description
If a release has no CPE ID set the query for cve-search api seems to be generated from the name, vendor and version.
The resulting CPE ID (according to the log) is something like this
cpe:2.3:*:apache:log4net:1.2.9_beta.* resulting in a api query like this: https://cvepremium.circl.lu/api/cvefor/cpe%3A2.3%3A*%3Aapache%3Alog4net%3A1.2.9_beta.*
It looks like there is a regex in the place of "part" and at the end of the version.
It seems like cve-search (and cvepremium) do not support regexes in the query (any more?).
Maybe because of this: cve-search/cve-search#629
The query works with couchdb wildcards ? and * instead of regexes i.e.:
https://cvepremium.circl.lu/api/cvefor/cpe%3A2.3%3A?%3Aapache%3Alog4net%3A1.2.9_beta*
How to reproduce
Versions
Screenshots
SW360 logs
2024-08-21 11:04:22 ERROR Heuristic:53 - IOException in searchlevel 2024-08-21T13:04:23.168155941+02:00 with description=heuristic (dist. 00) 2024-08-21T13:04:23.168159705+02:00 with needle=cpe:2.3:.:apache:log4net:1.2.9_beta.* 2024-08-21T13:04:23.168161712+02:00 with exception message=https://cve-search.internal.bachmann.at/api/cvefor/cpe%3A2.3%3A.%3Aapache%3Alog4net%3A1.2.9_beta.* 2024-08-21T13:04:23.168163972+02:00 java.io.FileNotFoundException: https://cve-search.internal.bachmann.at/api/cvefor/cpe%3A2.3%3A.%3Aapache%3Alog4net%3A1.2.9_beta.*
The text was updated successfully, but these errors were encountered: