cve-bin-tool
fix: [bug description] Not able to generate any vuln report in STDOUT nor SBOMs for mounted qcow2
Description
Not able to generate any vuln report in STDOUT nor SBOMs for mounted qcow2
To reproduce
okhard@keep-platform-utility:~/$ cve-bin-tool /mnt/
[11:20:22] INFO cve_bin_tool - CVE Binary Tool v3.4 cli.py:624
INFO cve_bin_tool - This product uses the NVD API but is not endorsed or cli.py:625
certified by the NVD.
INFO cve_bin_tool - For potentially faster NVD downloads, mirrors are available cli.py:628
using -n json-mirror
[11:20:23] INFO cve_bin_tool - Getting NVD CVE data... nvd_source.py:389
INFO cve_bin_tool - Getting GitLab Advisory Database CVEs... gad_source.py:86
INFO cve_bin_tool - Getting RedHat CVEs... redhat_source.py:69
INFO cve_bin_tool - Getting PURL2CPE data... purl2cpe_source.py:36
ERROR CVEDB - Unable to fetch EPSS, skipping EPSS. epss_source.py:158
Downloading CVEs... ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 100% 0:00:41
[11:24:55] INFO cve_bin_tool - Adding 35598 RedHat CVE entries redhat_source.py:136
[11:29:12] INFO cve_bin_tool - Getting Open Source Vulnerability Database CVEs... osv_source.py:161
Killed
Expected behaviour: Should show the vulnerable packages with CVE in stdout as well as in SBOM if sbom tags are given.
Actual behaviour: Not happening as expected.
Version/platform info
Version of CVE-bin-tool (e.g. output of cve-bin-tool --version):
Installed from pypi or github?
Operating system: Linux/Windows (other platforms are unsupported but feel free to report issues anyhow)
- okhard@keep-platform-utility:~/$ uname -a
  Linux keep-platform-utility 5.15.0-122-generic 132-Ubuntu SMP Thu Aug 29 13:45:52 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
- okhard@keep-platform-utility:~/$ python3 --version
  Python 3.10.12
Running in any particular CI environment we should know about? (e.g. Github Actions)