cve-search
Can't add items to whitelist/blacklist
Describe the bug
I try to add items to the whitelist (but blacklist has the same issue).
I tried in the admin section under whitelist --> view --> Add CPE
for example
cpe:2.3:o:cisco:ios_xr:
When I click on add the following error appears in the docker Logs:
cve_search-1 | Error inserting item in database: module 'lib.DatabaseLayer' has no attribute 'isInWhitelist'
When I try it with "browse" the following error appears on the webui:
And in the Logs only the following message appears:
mongo-1 | {"t":{"$date":"2024-10-09T07:23:29.037+00:00"},"s":"I", "c":"COMMAND", "id":51803, "ctx":"conn386","msg":"Slow query","attr":{"type":"command","ns":"cvedb.cves","command":{"find":"cves","filter":{"cpeName":{"$regex":"12000_router"}},"sort":{"modified":-1},"allowDiskUse":true,"lsid":{"id":{"$uuid":"30d45dad-71fa-4e7a-a45d-349fc5705c7d"}},"$db":"cvedb"},"planSummary":"IXSCAN { modified: 1 }","planningTimeMicros":258,"keysExamined":250616,"docsExamined":250616,"nBatches":1,"cursorExhausted":true,"numYields":250,"nreturned":0,"queryHash":"FCE7B0C3","planCacheKey":"FCE7B0C3","queryFramework":"classic","reslen":99,"locks":{"FeatureCompatibilityVersion":{"acquireCount":{"r":251}},"Global":{"acquireCount":{"r":251}},"Mutex":{"acquireCount":{"r":1}}},"storage":{},"remote":"172.20.0.5:39120","protocol":"op_msg","durationMillis":955}}
To Reproduce Steps to reproduce the behavior:
- Go to 'https://X.X.X.X/admin/whitelist'
- Add CPE or browse for CPE and try to add
- See error
Expected behavior Normaly both ways should work for adding items to the whitelist
Desktop (please complete the following information if applicable):
- OS: Ubuntu 22.04 LTS with docker 27.3.1
- Browser chrome
- Docker Compose Version 1.29.2
also when I try to change the admin password with the UI I get:
cve_search-1 | Traceback (most recent call last):
cve_search-1 | File "/usr/local/lib/python3.10/site-packages/flask_login/utils.py", line 277, in decorated_view
cve_search-1 | return current_app.ensure_sync(func)(*args, **kwargs)
cve_search-1 | File "/app/web/../web/admin/views.py", line 69, in change_pass
cve_search-1 | if current_user.authenticate(current_pass):
cve_search-1 | File "/app/web/../lib/User.py", line 34, in authenticate
cve_search-1 | return self.authenticator.validateUser(self.id, password)
cve_search-1 | AttributeError: 'User' object has no attribute 'authenticator'
cve_search-1 |
cve_search-1 | During handling of the above exception, another exception occurred:
cve_search-1 |
cve_search-1 | Traceback (most recent call last):
cve_search-1 | File "/usr/local/lib/python3.10/site-packages/flask/app.py", line 2077, in wsgi_app
cve_search-1 | response = self.full_dispatch_request()
cve_search-1 | File "/usr/local/lib/python3.10/site-packages/flask/app.py", line 1525, in full_dispatch_request
cve_search-1 | rv = self.handle_user_exception(e)
cve_search-1 | File "/usr/local/lib/python3.10/site-packages/flask_restx/api.py", line 674, in error_router
cve_search-1 | return original_handler(e)
cve_search-1 | File "/usr/local/lib/python3.10/site-packages/flask/app.py", line 1523, in full_dispatch_request
cve_search-1 | rv = self.dispatch_request()
cve_search-1 | File "/usr/local/lib/python3.10/site-packages/flask/app.py", line 1509, in dispatch_request
cve_search-1 | return self.ensure_sync(self.view_functions[rule.endpoint])(**req.view_args)
cve_search-1 | File "/usr/local/lib/python3.10/site-packages/flask_login/utils.py", line 279, in decorated_view
cve_search-1 | return func(*args, **kwargs)
cve_search-1 | File "/app/web/../web/admin/views.py", line 69, in change_pass
cve_search-1 | if current_user.authenticate(current_pass):
cve_search-1 | File "/app/web/../lib/User.py", line 34, in authenticate
cve_search-1 | return self.authenticator.validateUser(self.id, password)
cve_search-1 | AttributeError: 'User' object has no attribute 'authenticator'