Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Invocation of method 'getHighestSeverityText' in class org.owasp.dependencycheck.dependency.Vulnerability threw exception java.lang.NullPointerException #425

Closed
seokjh-aromit opened this issue Nov 25, 2024 · 4 comments

Comments

@seokjh-aromit
Copy link

Plugin Version: 8.2.1 (org.owasp.dependencycheck)
JDK Version: azul/zulu-openjdk 17.0.8
Gradle Version: 7.6.1

Details

------------------------------------------------------------
Gradle 7.6.1
------------------------------------------------------------

Build time:   2023-02-24 13:54:42 UTC
Revision:     3905fe8ac072bbd925c70ddbddddf4463341f4b4

Kotlin:       1.7.10
Groovy:       3.0.13
Ant:          Apache Ant(TM) version 1.10.11 compiled on July 10 2021
JVM:          17.0.8 (Azul Systems, Inc. 17.0.8+7-LTS)
OS:           Windows 10 10.0 amd64

Today I suddenly got a NullPointerException error while performing 'dependencyCheckAnalyze' .

> Task :dependencyCheckAnalyze FAILED

FAILURE: Build failed with an exception.

* What went wrong:
Execution failed for task ':dependencyCheckAnalyze'.
> Invocation of method 'getHighestSeverityText' in  class org.owasp.dependencycheck.dependency.Vulnerability threw exception java.lang.NullPointerException: Cannot invoke "String.toUpperCase()" because the return value of "org.owasp.dependencycheck.utils.SeverityUtil.unscoredToSeveritytext(String)" is null at templates/htmlReport.vsl[line 795, column 43]

There have been no changes to the plugin version in the past few months, and
there were no problems on the morning of the day the issue occurred.

Is there any advice you can give me?

Thanks

@MrException
Copy link

My team is experiencing this same issue.

@mviku
Copy link

mviku commented Nov 26, 2024

Facing this issue as well

Plugin version : 8.2.1
Gradle version : 8.5

------------------------------------------------------------
Gradle 8.5
------------------------------------------------------------

Build time:   2023-11-29 14:08:57 UTC
Revision:     28aca86a7180baa17117e0e5ba01d8ea9feca598

Kotlin:       1.9.20
Groovy:       3.0.17
Ant:          Apache Ant(TM) version 1.10.13 compiled on January 4 2023
JVM:          17.0.4 (Amazon.com Inc. 17.0.4+8-LTS)
OS:           Windows 11 10.0 amd64

Error occurs with JDK 17 Temurin builds as well

@jeremylong
Copy link
Collaborator

8.4.0 is no longer supported. Please use the latest version of dependency-check.

@jeremylong
Copy link
Collaborator

This will be fixed in the 12.0 release. See jeremylong/DependencyCheck#7204

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants