Error retrieving https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-2020.meta; received response code 404

Question

I am using gradle:5.6.2-jdk8 docker image in gitlab pipeline.

gradle clean build

Above command is failing with error: Unable to download meta file: https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-2020.json.gz No documents exist

Only link related to this problem I found is: https://github.com/jeremylong/DependencyCheck/issues/2039

There isn't any solution available

Answer 1

Too early this year ?

2019 json is there : https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-2019.json.gz

2020 version seems to not have been created yet or has another url...

Some hints there https://github.com/jeremylong/DependencyCheck/issues/2403

This is a duplicate of How to ignore Maven dependency-check failure on missing nvd file

Answer 2

2020 version is now available

https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-2020.json.gz

Answer 3

You can add this inside dependencyCheck in build.gradle

    cve{
        urlBase='https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-%d.json.gz'
        urlModified='https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-modified.json.gz'
    }