No CVE timestamp information found in the database

No timestamp of the last CVE update has been found in the database.

Issue description

The recommendation engine uses PyPA/advisory-db which gets periodically updated on the recommendation engine side and the update is tracked. If this warning message is produced, the recommendation engine cannot find timestamp about the CVE update. This might have security related implications as the database might not be up to date.

See What is CVE? for more information on the security and possible implications.

Affected packages

If the CVE database is not up to date, the security of all the used packages can be affected.

Severity

• WARNING

Issue fix

Please contact Thoth team with the issue description for additional help.

Recommendation types

All the recommendation types can produce this warning:

• latest
• performance
• security
• stable
• testing

See this document that describes recommendation types listed.

Related

• PyPA/advisory-db
• What is CVE?
• thoth-station/support