fix: [cve-bin-tool DatabaseError: file is not a database] #5018
Description
/data/jenkins/.local/bin/cve-bin-tool /data/jenkins/firmware/app.bin -f csv -o /data/jenkins/firmware/report/cve_scan_result_app.csv -u now --nvd-api-key cd50xxx
[11:12:08] INFO cve_bin_tool - CVE Binary Tool v3.4 cli.py:624
INFO cve_bin_tool - This product uses the NVD API but is not endorsed or certified by the NVD. cli.py:625
INFO cve_bin_tool - For potentially faster NVD downloads, mirrors are available using -n json-mirror cli.py:628
[11:12:32] WARNING cve_bin_tool.CVEDB - Updating cachedir /data/jenkins/.cache/cve-bin-tool cvedb.py:652
[11:12:37] INFO cve_bin_tool - Getting NVD CVE data... nvd_source.py:389
INFO cve_bin_tool - Getting GitLab Advisory Database CVEs... gad_source.py:86
INFO cve_bin_tool.CVEDB - Rolling back the cache to its previous state cvedb.py:797
INFO cve_bin_tool - Getting RedHat CVEs... redhat_source.py:69
INFO cve_bin_tool - Getting PURL2CPE data... purl2cpe_source.py:36
ERROR CVEDB - Unable to fetch EPSS, skipping EPSS. epss_source.py:158
[11:12:38] INFO cve_bin_tool - Adding 37701 RedHat CVE entries redhat_source.py:136
Downloading CVEs... ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 100% 0:00:32
[11:35:27] INFO cve_bin_tool - Getting Open Source Vulnerability Database CVEs... osv_source.py:161
╭─────────────────────────────── Traceback (most recent call last) ────────────────────────────────╮
│ /data/jenkins/.local/bin/cve-bin-tool:8 in │
│ │
│ 5 from cve_bin_tool.cli import main │
│ 6 if name == 'main': │
│ 7 │ sys.argv[0] = re.sub(r'(-script.pyw|.exe)?$', '', sys.argv[0]) │
│ ❱ 8 │ sys.exit(main()) │
│ 9 │
│ │
│ /data/jenkins/.local/lib/python3.11/site-packages/cve_bin_tool/cli.py:891 in main │
│ │
│ 888 │ │
│ 889 │ # update db if needed │
│ 890 │ if db_update != "never": │
│ ❱ 891 │ │ cvedb_orig.get_cvelist_if_stale() │
│ 892 │ else: │
│ 893 │ │ LOGGER.warning("Not verifying CVE DB cache") │
│ 894 │ │ if not cvedb_orig.check_cve_entries(): │
│ │
│ /data/jenkins/.local/lib/python3.11/site-packages/cve_bin_tool/cvedb.py:316 in │
│ get_cvelist_if_stale │
│ │
│ 313 │ │ │ datetime.datetime.today() │
│ 314 │ │ │ - datetime.datetime.fromtimestamp(self.dbpath.stat().st_mtime) │
│ 315 │ │ ) > datetime.timedelta(hours=24): │
│ ❱ 316 │ │ │ self.refresh_cache_and_update_db() │
│ 317 │ │ │ self.time_of_last_update = datetime.datetime.today() │
│ 318 │ │ else: │
│ 319 │ │ │ _ = self.get_db_update_date() │
│ │
│ /data/jenkins/.local/lib/python3.11/site-packages/cve_bin_tool/cvedb.py:302 in │
│ refresh_cache_and_update_db │
│ │
│ 299 │ │ run_coroutine(self.refresh()) │
│ 300 │ │ │
│ 301 │ │ # if the database isn't open, open it │
│ ❱ 302 │ │ self.init_database() │
│ 303 │ │ self.populate_db() │
│ 304 │ │ self.LOGGER.debug("Updating exploits data.") │
│ 305 │ │ self.create_exploit_db() │
│ │
│ /data/jenkins/.local/lib/python3.11/site-packages/cve_bin_tool/cvedb.py:413 in init_database │
│ │
│ 410 │ │ │
│ 411 │ │ # Create all tables from latest schemas │
│ 412 │ │ for table in self.TABLE_SCHEMAS: │
│ ❱ 413 │ │ │ cursor.execute(self.TABLE_SCHEMAS[table]) │
│ 414 │ │ │
│ 415 │ │ # add indexes │
│ 416 │ │ for index in self.INDEXES: │
╰──────────────────────────────────────────────────────────────────────────────────────────────────╯
DatabaseError: file is not a database