Jenkins Maven OWASP错误"[ error ] IO Exception connecting to https://nvd.nist.gov/feeds/xml/cve/2.0/nvdcve-2.0-2008.xml.gz“
Jenkins Maven OWASP错误"[ error ] IO Exception connecting to https://nvd.nist.gov/feeds/xml/cve/2.0/nvdcve-2.0-2008.xml.gz“
提问于 2021-03-22 22:27:14
在使用OWASP分析代码时,我们会遇到以下错误
14:23:39 [ERROR] IO Exception connecting to https://nvd.nist.gov/feeds/xml/cve/2.0/nvdcve-2.0-2008.xml.gz: HEAD request returned a non-200 status code: https://nvd.nist.gov/feeds/xml/cve/2.0/nvdcve-2.0-2008.xml.gz
14:23:39 [ERROR] IO Exception connecting to https://nvd.nist.gov/feeds/xml/cve/2.0/nvdcve-2.0-2002.xml.gz: HEAD request returned a non-200 status code: https://nvd.nist.gov/feeds/xml/cve/2.0/nvdcve-2.0-2002.xml.gz
14:23:39 [ERROR] IO Exception connecting to https://nvd.nist.gov/feeds/xml/cve/2.0/nvdcve-2.0-2018.xml.gz: HEAD request returned a non-200 status code: https://nvd.nist.gov/feeds/xml/cve/2.0/nvdcve-2.0-2018.xml.gz
14:23:39 [ERROR] IO Exception connecting to https://nvd.nist.gov/feeds/xml/cve/2.0/nvdcve-2.0-2009.xml.gz: HEAD request returned a non-200 status code: https://nvd.nist.gov/feeds/xml/cve/2.0/nvdcve-2.0-2009.xml.gz
14:23:39 [ERROR] IO Exception connecting to https://nvd.nist.gov/feeds/xml/cve/2.0/nvdcve-2.0-2007.xml.gz: HEAD request returned a non-200 status code: https://nvd.nist.gov/feeds/xml/cve/2.0/nvdcve-2.0-2007.xml.gz
14:23:39 [WARNING] Unable to download the NVD CVE data; the results may not include the most recent CPE/CVEs from the NVD.
14:23:39 [INFO] If you are behind a proxy you may need to configure dependency-check to use the proxy.
14:23:39 [ERROR] IO Exception connecting to https://nvd.nist.gov/feeds/xml/cve/2.0/nvdcve-2.0-2010.xml.gz: HEAD request returned a non-200 status code: https://nvd.nist.gov/feeds/xml/cve/2.0/nvdcve-2.0-2010.xml.gz
14:23:39 [WARNING] Unable to update Cached Web DataSource, using local data instead. Results may not include recent vulnerabilities.
14:23:39 [ERROR] No documents exist
14:23:39
14:23:39 Unable to continue dependency-check analysis.
14:23:39 [INFO] ------------------------------------------------------------------------
14:23:39 [INFO] BUILD FAILURE
14:23:39 [INFO] ------------------------------------------------------------------------
...
14:23:40 [INFO] ------------------------------------------------------------------------
14:23:40 [ERROR] Failed to execute goal org.owasp:dependency-check-maven:4.0.2:check (default-cli) on project wbe-common: Fatal exception(s) analyzing wbe-common: Unable to continue dependency-check analysis.
14:23:40 [ERROR] Unable to download the NVD CVE data.
14:23:40 [ERROR] No documents exist
...
14:23:40 [ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException
14:23:40 Build step 'Execute shell' marked build as failure
14:23:40 Finished: FAILURE 我们在POM文件中使用的是"3.1.2“版本,但仍然不走运
<groupId>org.owasp</groupId>
<artifactId>dependency-check-maven</artifactId>
<version>3.1.2</version>
<configuration>
<cveUrl12Modified>https://nvd.nist.gov/feeds/xml/cve/1.2/nvdcve-modified.xml.gz</cveUrl12Modified>
...
</configuration>
</plugin>有人能帮个忙吗?
~Karthik
回答 1
Stack Overflow用户
发布于 2021-09-09 16:38:59
我在Maven Central Repository中将pom.xml中的org.owasp插件版本从4.0.2更新到5.3.1,以遵循khmarbaise的建议,并且工作正常。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/66748027
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号