diff --git a/v11y/testdata/CVE-2021-3601.json b/v11y/testdata/CVE-2021-3601.json new file mode 100644 index 000000000..bafe6130b --- /dev/null +++ b/v11y/testdata/CVE-2021-3601.json @@ -0,0 +1,29 @@ +{ + "containers": { + "cna": { + "providerMetadata": { + "dateUpdated": "2022-07-29T09:35:09", + "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", + "shortName": "openssl" + }, + "rejectedReasons": [ + { + "lang": "en", + "value": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. OpenSSL does not class this issue as a security vulnerability. The trusted CA store should not contain anything that the user does not trust to issue other certificates. Notes: https://github.com/openssl/openssl/issues/5236#issuecomment-119646061" + } + ] + } + }, + "cveMetadata": { + "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", + "assignerShortName": "openssl", + "cveId": "CVE-2021-3601", + "datePublished": "2022-07-29T09:35:09", + "dateRejected": "2022-07-29T09:35:09", + "dateReserved": "2021-06-14T00:00:00", + "dateUpdated": "2022-07-29T09:35:09", + "state": "REJECTED" + }, + "dataType": "CVE_RECORD", + "dataVersion": "5.0" +} \ No newline at end of file diff --git a/v11y/walker/src/lib.rs b/v11y/walker/src/lib.rs index 70ef1d289..71f72d779 100644 --- a/v11y/walker/src/lib.rs +++ b/v11y/walker/src/lib.rs @@ -1,3 +1,4 @@ +use anyhow::Context; use collector_osv::client::schema::SeverityType; use collector_osv::client::OsvClient; use cve::published::Metric; @@ -199,8 +200,8 @@ impl Run { ); } } - return Ok(serde_json::to_vec::(&cve) - .expect("CVE should have been serialized into Vec")); + return serde_json::to_vec::(&cve) + .context("CVE should have been serialized into Vec"); } } }