[jira] [Created] (ZOOKEEPER-4960) Upgrade OWASP plugin to 10.0.4 due to recent parsing errors

[Andor Molnar (Jira)]

Andor Molnar created ZOOKEEPER-4960:
---------------------------------------

             Summary: Upgrade OWASP plugin to 10.0.4 due to recent parsing 
errors
                 Key: ZOOKEEPER-4960
                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4960
             Project: ZooKeeper
          Issue Type: Bug
          Components: security
    Affects Versions: 3.9.3, 3.8.4, 3.10.0
            Reporter: Andor Molnar
            Assignee: Andor Molnar


Looks like our Owasp version 8.3.1 is outdated, because recently started to 
throw the following errors:
{noformat}
12:06:36  [ERROR] org.owasp.dependencycheck.data.nvdcve.DatabaseException: 
Unable to parse CPE: cpe:2.3:a:f5:nginx unit:*:*:*:*:*:*:*:*
12:06:36  org.owasp.dependencycheck.data.update.exception.UpdateException: 
org.owasp.dependencycheck.data.nvdcve.DatabaseException: Unable to parse CPE: 
cpe:2.3:a:f5:nginx unit:*:*:*:*:*:*:*:*
12:06:36      at 
org.owasp.dependencycheck.data.update.nvd.ProcessTask.processFiles 
(ProcessTask.java:157)
12:06:36      at org.owasp.dependencycheck.data.update.nvd.ProcessTask.call 
(ProcessTask.java:114)
12:06:36      at org.owasp.dependencycheck.data.update.nvd.ProcessTask.call 
(ProcessTask.java:41)
12:06:36      at java.util.concurrent.FutureTask.run (FutureTask.java:266)
12:06:36      at java.util.concurrent.ThreadPoolExecutor.runWorker 
(ThreadPoolExecutor.java:1149)
12:06:36      at java.util.concurrent.ThreadPoolExecutor$Worker.run 
(ThreadPoolExecutor.java:624)
12:06:36      at java.lang.Thread.run (Thread.java:750){noformat}
I'll try to upgrade to a more recent version which still has Java 8 support.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)