Oct 23, 2019
09:49 AM
We use Flexnet Codeinsight 2018 R4 since te last update the scans Fail due to missing CVE id's. When pushing scanns from jenkins with the pipeline-plugin the scan fails with exception: 15:46:00 INFO c.f.c.c.l.RangeCpeStreamer No CVE for id CVE-2017-14062
java.lang.Exception: No CVE for id CVE-2017-14062
at com.flexnet.codeaware.cve.lucene.SearchCVEApvAnalyzer.getFields(SearchCVEApvAnalyzer.java:420)
at com.flexnet.codeaware.lucene.Index.storeDocument(Index.java:237)
at com.flexnet.codeaware.cve.lucene.SearchCVEApvAnalyzer.indexFile(SearchCVEApvAnalyzer.java:125)
at com.flexnet.codeaware.lucene.T2.run(T2.java:68)
at java.lang.Thread.run(Thread.java:745)
15:46:00 INFO c.f.c.c.l.RangeCpeStreamer No CVE for id CVE-2013-3249
java.lang.Exception: No CVE for id CVE-2013-3249
at com.flexnet.codeaware.cve.lucene.SearchCVEApvAnalyzer.getFields(SearchCVEApvAnalyzer.java:420)
at com.flexnet.codeaware.lucene.Index.storeDocument(Index.java:237)
at com.flexnet.codeaware.cve.lucene.SearchCVEApvAnalyzer.indexFile(SearchCVEApvAnalyzer.java:125)
at com.flexnet.codeaware.lucene.T2.run(T2.java:68)
at java.lang.Thread.run(Thread.java:745)
15:46:00 INFO c.f.c.c.l.RangeCpeStreamer No CVE for id CVE-2017-7320
java.lang.Exception: No CVE for id CVE-2017-7320
at com.flexnet.codeaware.cve.lucene.SearchCVEApvAnalyzer.getFields(SearchCVEApvAnalyzer.java:420)
at com.flexnet.codeaware.lucene.Index.storeDocument(Index.java:237)
at com.flexnet.codeaware.cve.lucene.SearchCVEApvAnalyzer.indexFile(SearchCVEApvAnalyzer.java:125)
at com.flexnet.codeaware.lucene.T2.run(T2.java:68)
at java.lang.Thread.run(Thread.java:745)
15:46:00 INFO c.f.c.c.l.RangeCpeStreamer No CVE for id CVE-2017-7322
java.lang.Exception: No CVE for id CVE-2017-7322
at com.flexnet.codeaware.cve.lucene.SearchCVEApvAnalyzer.getFields(SearchCVEApvAnalyzer.java:420)
at com.flexnet.codeaware.lucene.Index.storeDocument(Index.java:237)
at com.flexnet.codeaware.cve.lucene.SearchCVEApvAnalyzer.indexFile(SearchCVEApvAnalyzer.java:125)
at com.flexnet.codeaware.lucene.T2.run(T2.java:68)
at java.lang.Thread.run(Thread.java:745)
15:46:00 INFO c.f.c.c.l.RangeCpeStreamer No CVE for id CVE-2012-4024 and so on... unti at the end it has following exception: 15:46:08 INFO c.f.c.c.l.RangeCpeStreamer Invalid component line during create index: dell| data_protection_\|_encryption| data protection \| encryption
java.lang.Exception: Invalid component line during create index: dell| data_protection_\|_encryption| data protection \| encryption
at com.flexnet.codeaware.cve.lucene.SearchCVEComponent.indexLine(SearchCVEComponent.java:189)
at com.flexnet.codeaware.cve.lucene.SearchCVEComponent.access$100(SearchCVEComponent.java:46)
at com.flexnet.codeaware.cve.lucene.SearchCVEComponent$T1.run(SearchCVEComponent.java:345)
at java.lang.Thread.run(Thread.java:745)
15:46:08 INFO c.f.c.c.l.RangeCpeStreamer Invalid component line during create index: diplomat_\|_political_project| diplomat_\|_political| diplomat \| political
java.lang.Exception: Invalid component line during create index: diplomat_\|_political_project| diplomat_\|_political| diplomat \| political
at com.flexnet.codeaware.cve.lucene.SearchCVEComponent.indexLine(SearchCVEComponent.java:189)
at com.flexnet.codeaware.cve.lucene.SearchCVEComponent.access$100(SearchCVEComponent.java:46)
at com.flexnet.codeaware.cve.lucene.SearchCVEComponent$T1.run(SearchCVEComponent.java:345)
at java.lang.Thread.run(Thread.java:745)
Failed to complete scan.
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.flexnet.codeinsight.plugins.agent.ScanExecutor.scanCodebase(ScanExecutor.java:171)
at com.flexnet.codeinsight.plugins.codeinsight_plugin.DistributedPipelineExecutor.call(DistributedPipelineExecutor.java:73)
at com.flexnet.codeinsight.plugins.codeinsight_plugin.DistributedPipelineExecutor.call(DistributedPipelineExecutor.java:21)
at hudson.remoting.LocalChannel.call(LocalChannel.java:45)
at com.flexnet.codeinsight.plugins.codeinsight_plugin.CodeinsightPluginStep$CodeinsightPluginStepExecution.run(CodeinsightPluginStep.java:231)
at com.flexnet.codeinsight.plugins.codeinsight_plugin.CodeinsightPluginStep$CodeinsightPluginStepExecution.run(CodeinsightPluginStep.java:149)
at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1$1.call(AbstractSynchronousNonBlockingStepExecution.java:47)
at hudson.security.ACL.impersonate(ACL.java:290)
at org.jenkinsci.plugins.workflow.steps.AbstractSynchronousNonBlockingStepExecution$1.run(AbstractSynchronousNonBlockingStepExecution.java:44)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.NullPointerException
at java.util.Hashtable.put(Hashtable.java:459)
at com.flexnet.codeaware.cve.CVEIndexer2.build(CVEIndexer2.java:249)
at com.flexnet.codeaware.cve.lucene.SearchCVEAnalyzer.appendCVEsIfFound(SearchCVEAnalyzer.java:265)
at com.flexnet.codeaware.AnalysisDriver.analyze(AnalysisDriver.java:198)
at com.flexnet.codeaware.AnalysisDriver.analyze(AnalysisDriver.java:148)
at com.flexnet.codeaware.embedded.EmbeddedScanner.scan(EmbeddedScanner.java:64)
... 18 more
Scan results :
FAILURE
... View more
Labels
- Labels:
-
General
Latest posts by adbuch
Subject | Views | Posted |
---|---|---|
1958 | Oct 23, 2019 09:49 AM |
Activity Feed
- Posted Scan fail since last electronic update on Code Insight Forum. Oct 23, 2019 09:49 AM