Hans Aikema

> Is there any way to get around this? I assume I have this issue for one of my applications where it lists 380 vulnerabilities all referring to an older...

I think neither approach would be 'correct'. The jars belong to only a single CPE (the notion of CPE registry is that entry has a 1:m link to software artifacts...

From the same documentation: > This feature is currently highly experimental and not enabled by default > Some APIs are missing and cannot yet be used as task inputs, for...

N/A is only applicable to CVSS v2 score, and NVD has opted to no longer compute CVSSv2: https://nvd.nist.gov/general/news/retire-cvss-v2 so that for newer CVEs you're likely to find only N/A as...

Something buggy going on with the ecosystem. v8.4.3: All mongodb:mongodb CPE entries are linked to ecosystem native v9.0.x: Some mongodb:mongodb CPE entries are still linked to ecosystem native, but many...

Promoting from FP report to bug

CPEs for 9.x: ```csv 112074,a,mongodb,mongodb,*,*,*,*,*,*,*,*,native 112075,a,mongodb,mongodb,1.2.0,*,*,*,*,*,*,*, 112076,a,mongodb,mongodb,1.4.0,*,*,*,*,*,*,*, 112077,a,mongodb,mongodb,1.6.0,*,*,*,*,*,*,*, 112078,a,mongodb,mongodb,1.8.0,*,*,*,*,*,*,*, 112079,a,mongodb,mongodb,2.0.0,*,*,*,*,*,*,*, 112080,a,mongodb,mongodb,2.0.1,*,*,*,*,*,*,*, 112081,a,mongodb,mongodb,2.0.2,*,*,*,*,*,*,*, 112082,a,mongodb,mongodb,2.0.3,*,*,*,*,*,*,*, 112083,a,mongodb,mongodb,2.0.4,*,*,*,*,*,*,*, 112084,a,mongodb,mongodb,2.0.5,*,*,*,*,*,*,*, 112085,a,mongodb,mongodb,2.0.6,*,*,*,*,*,*,*, 112086,a,mongodb,mongodb,2.0.7,*,*,*,*,*,*,*, 112087,a,mongodb,mongodb,2.0.8,*,*,*,*,*,*,*, 112088,a,mongodb,mongodb,2.2.0,*,*,*,*,*,*,*, 112089,a,mongodb,mongodb,2.2.1,*,*,*,*,*,*,*, 112090,a,mongodb,mongodb,2.2.2,*,*,*,*,*,*,*, 112091,a,mongodb,mongodb,2.2.3,*,*,*,*,*,*,*, 112092,a,mongodb,mongodb,2.2.4,*,*,*,*,*,*,*, 112093,a,mongodb,mongodb,2.2.5,*,*,*,*,*,*,*, 112094,a,mongodb,mongodb,2.2.6,*,*,*,*,*,*,*, 112095,a,mongodb,mongodb,2.2.7,*,*,*,*,*,*,*, 112096,a,mongodb,mongodb,2.3.0,*,*,*,*,*,*,*, 118001,a,mongodb,mongodb,2.4.0,*,*,*,*,*,*,*,native 118002,a,mongodb,mongodb,2.4.1,*,*,*,*,*,*,*,native 118003,a,mongodb,mongodb,2.4.2,*,*,*,*,*,*,*,native...

More likely you're suffering from an intentional change referenced in the release notes and before you just didn't notice it didn't work?: >ArchiveAnalyzer will now correctly throw an exception if...

From the error message it appears like Oracle does not support setting a Boolean columns to NULL (16 is java.sql.Types.BOOLEAN) or the column in the oracle db schema is not...

:D can't promise anything, but will try to take a look into the code tomorrow to try and uncover which field the stacktrace is complaining about and why that would...