Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NVD API request failures are occurring - NVD Returned Status Code: 503 #182

Open
damienpuig opened this issue Jul 4, 2024 · 3 comments
Open

NVD API request failures are occurring - NVD Returned Status Code: 503 #182

damienpuig opened this issue Jul 4, 2024 · 3 comments
Labels
question Further information is requested

Comments

@damienpuig
Copy link

Hi!

NVD_API_KEY is set correctly.

Our Vulnz job stopped working a few days ago. Here is how we execute it:

      # requires NVD_API_KEY
      VULNZ_VERSION=6.1.1

      curl -sL https://github.com/jeremylong/Open-Vulnerability-Project/releases/download/v${VULNZ_VERSION}/vulnz-${VULNZ_VERSION}.jar \
        > vulnz-${VULNZ_VERSION}.jar
      chmod 777 vulnz-${VULNZ_VERSION}.jar

      java -Xmx2g -jar ./vulnz-${VULNZ_VERSION}.jar cve --cache --directory ./cache

Here is the result:

NVD API request failures are occurring; retrying request for the 5 time
NVD API request failures are occurring; retrying request for the 6 time
NVD API request failures are occurring; retrying request for the 7 time
NVD API request failures are occurring; retrying request for the 8 time
NVD API request failures are occurring; retrying request for the 9 time
NVD API request failures are occurring; retrying request for the 10 time
NVD API request failures are occurring; retrying request for the 11 time
Unable to complete NVD cache update due to error: NVD Returned Status Code: 503
io.github.jeremylong.vulnz.cli.cache.CacheException: Unable to complete NVD cache update due to error: NVD Returned Status Code: 503
	at io.github.jeremylong.vulnz.cli.commands.CveCommand.processRequest(CveCommand.java:276)
	at io.github.jeremylong.vulnz.cli.commands.CveCommand.timedCall(CveCommand.java:223)
	at io.github.jeremylong.vulnz.cli.commands.TimedCommand.call(TimedCommand.java:36)
	at io.github.jeremylong.vulnz.cli.commands.TimedCommand.call(TimedCommand.java:25)
	at picocli.CommandLine.executeUserObject(CommandLine.java:2045)
	at picocli.CommandLine.access$1500(CommandLine.java:148)
	at picocli.CommandLine$RunLast.executeUserObjectOfLastSubcommandWithSameParent(CommandLine.java:2465)
	at picocli.CommandLine$RunLast.handle(CommandLine.java:2457)
	at picocli.CommandLine$RunLast.handle(CommandLine.java:2[41](https://<ci-url>#L41)9)
	at picocli.CommandLine$AbstractParseResultHandler.execute(CommandLine.java:2277)
	at picocli.CommandLine$RunLast.execute(CommandLine.java:2[42](https://<ci-url>#L42)1)
	at picocli.CommandLine.execute(CommandLine.java:2174)
	at io.github.jeremylong.vulnz.cli.Application.run(Application.java:73)
	at org.springframework.boot.SpringApplication.callRunner(SpringApplication.java:765)
	at org.springframework.boot.SpringApplication.lambda$callRunners$2(SpringApplication.java:749)
	at java.base/java.util.stream.ForEachOps$ForEachOp$OfRef.accept(ForEachOps.java:184)
	at java.base/java.util.stream.SortedOps$SizedRefSortingSink.end(SortedOps.java:357)
	at java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:510)
	at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:499)
	at java.base/java.util.stream.ForEachOps$ForEachOp.evaluateSequential(ForEachOps.java:151)
	at java.base/java.util.stream.ForEachOps$ForEachOp$OfRef.evaluateSequential(ForEachOps.java:174)
	at java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
	at java.base/java.util.stream.ReferencePipeline.forEach(ReferencePipeline.java:596)
	at org.springframework.boot.SpringApplication.callRunners(SpringApplication.java:7[44](https://<ci-url>#L44))
	at org.springframework.boot.SpringApplication.run(SpringApplication.java:315)
	at org.springframework.boot.SpringApplication.run(SpringApplication.java:1300)
	at org.springframework.boot.SpringApplication.run(SpringApplication.java:1289)
	at io.github.jeremylong.vulnz.cli.Application.main(Application.java:61)
	at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
	at java.base/java.lang.reflect.Method.invoke(Method.java:580)
	at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:[49](https://<ci-url>#L49))
	at org.springframework.boot.loader.Launcher.launch(Launcher.java:108)
	at org.springframework.boot.loader.Launcher.launch(Launcher.java:58)
	at org.springframework.boot.loader.JarLauncher.main(JarLauncher.java:65)
Completed in 23 seconds
@jeremylong
Copy link
Owner

The NVD is experiencing an availability issue - they are working on it. See https://groups.google.com/a/list.nist.gov/g/nvd-news/c/sJmF-2XIA80

@jeremylong jeremylong added the question Further information is requested label Jul 4, 2024
@ankurga
Copy link

ankurga commented Jul 4, 2024

NVD guys are having issues at their side since past couple of days.:

https://groups.google.com/a/list.nist.gov/g/nvd-news/c/sJmF-2XIA80

@damienpuig
Copy link
Author

Thanks guys!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jeremylong @damienpuig @ankurga