ImportError: sys.meta_path is None, Python is likely shutting down #5403
Description
OS: Debian sid
test@mars:~$ python3 --version
Python 3.13.9
test@mars:~$ python3 -m venv cve-bin-tool/
test@mars:~$ source cve-bin-tool/bin/activate
(cve-bin-tool) test@mars:~$ pip install cve-bin-tool
Collecting cve-bin-tool
Downloading cve_bin_tool-3.4-py3-none-any.whl.metadata (40 kB)
Collecting aiohttp>=3.9.4 (from aiohttp[speedups]>=3.9.4->cve-bin-tool)
Downloading aiohttp-3.13.1-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl.metadata (8.1 kB)
Collecting beautifulsoup4 (from cve-bin-tool)
Downloading beautifulsoup4-4.14.2-py3-none-any.whl.metadata (3.8 kB)
Collecting cvss (from cve-bin-tool)
Downloading cvss-3.6-py2.py3-none-any.whl.metadata (3.8 kB)
Collecting defusedxml (from cve-bin-tool)
Downloading defusedxml-0.7.1-py2.py3-none-any.whl.metadata (32 kB)
Collecting distro (from cve-bin-tool)
Downloading distro-1.9.0-py3-none-any.whl.metadata (6.8 kB)
Collecting filetype>=1.2.0 (from cve-bin-tool)
Downloading filetype-1.2.0-py2.py3-none-any.whl.metadata (6.5 kB)
Collecting gsutil (from cve-bin-tool)
Downloading gsutil-5.35.tar.gz (3.0 MB)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 3.0/3.0 MB 11.7 MB/s 0:00:00
Installing build dependencies ... done
Getting requirements to build wheel ... done
Preparing metadata (pyproject.toml) ... done
Collecting jinja2>=2.11.3 (from cve-bin-tool)
Downloading jinja2-3.1.6-py3-none-any.whl.metadata (2.9 kB)
Collecting jsonschema>=3.0.2 (from cve-bin-tool)
Downloading jsonschema-4.25.1-py3-none-any.whl.metadata (7.6 kB)
Collecting lib4sbom>=0.7.2 (from cve-bin-tool)
Downloading lib4sbom-0.8.8-py2.py3-none-any.whl.metadata (45 kB)
Collecting lib4vex>=0.2.0 (from cve-bin-tool)
Downloading lib4vex-0.2.1-py2.py3-none-any.whl.metadata (4.3 kB)
Collecting python-gnupg (from cve-bin-tool)
Downloading python_gnupg-0.5.5-py2.py3-none-any.whl.metadata (2.0 kB)
Collecting packageurl-python (from cve-bin-tool)
Downloading packageurl_python-0.17.5-py3-none-any.whl.metadata (5.1 kB)
Collecting packaging>=22.0 (from cve-bin-tool)
Downloading packaging-25.0-py3-none-any.whl.metadata (3.3 kB)
Collecting plotly (from cve-bin-tool)
Downloading plotly-6.3.1-py3-none-any.whl.metadata (8.5 kB)
Collecting pyyaml>=5.4 (from cve-bin-tool)
Downloading pyyaml-6.0.3-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl.metadata (2.4 kB)
Collecting requests>=2.32.2 (from cve-bin-tool)
Downloading requests-2.32.5-py3-none-any.whl.metadata (4.9 kB)
Collecting rich (from cve-bin-tool)
Downloading rich-14.2.0-py3-none-any.whl.metadata (18 kB)
Collecting rpmfile>=1.0.6 (from cve-bin-tool)
Downloading rpmfile-2.1.0-py3-none-any.whl.metadata (3.7 kB)
Collecting setuptools>=70.0.0 (from cve-bin-tool)
Using cached setuptools-80.9.0-py3-none-any.whl.metadata (6.6 kB)
Collecting urllib3>=2.2.2 (from cve-bin-tool)
Downloading urllib3-2.5.0-py3-none-any.whl.metadata (6.5 kB)
Collecting xmlschema (from cve-bin-tool)
Downloading xmlschema-4.2.0-py3-none-any.whl.metadata (8.0 kB)
Collecting zipp>=3.19.1 (from cve-bin-tool)
Downloading zipp-3.23.0-py3-none-any.whl.metadata (3.6 kB)
Collecting zstandard (from cve-bin-tool)
Downloading zstandard-0.25.0-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.whl.metadata (3.3 kB)
Collecting aiohappyeyeballs>=2.5.0 (from aiohttp>=3.9.4->aiohttp[speedups]>=3.9.4->cve-bin-tool)
Downloading aiohappyeyeballs-2.6.1-py3-none-any.whl.metadata (5.9 kB)
Collecting aiosignal>=1.4.0 (from aiohttp>=3.9.4->aiohttp[speedups]>=3.9.4->cve-bin-tool)
Downloading aiosignal-1.4.0-py3-none-any.whl.metadata (3.7 kB)
Collecting attrs>=17.3.0 (from aiohttp>=3.9.4->aiohttp[speedups]>=3.9.4->cve-bin-tool)
Downloading attrs-25.4.0-py3-none-any.whl.metadata (10 kB)
Collecting frozenlist>=1.1.1 (from aiohttp>=3.9.4->aiohttp[speedups]>=3.9.4->cve-bin-tool)
Downloading frozenlist-1.8.0-cp313-cp313-manylinux1_x86_64.manylinux_2_28_x86_64.manylinux_2_5_x86_64.whl.metadata (20 kB)
Collecting multidict<7.0,>=4.5 (from aiohttp>=3.9.4->aiohttp[speedups]>=3.9.4->cve-bin-tool)
Downloading multidict-6.7.0-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl.metadata (5.3 kB)
Collecting propcache>=0.2.0 (from aiohttp>=3.9.4->aiohttp[speedups]>=3.9.4->cve-bin-tool)
Downloading propcache-0.4.1-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl.metadata (13 kB)
Collecting yarl<2.0,>=1.17.0 (from aiohttp>=3.9.4->aiohttp[speedups]>=3.9.4->cve-bin-tool)
Downloading yarl-1.22.0-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl.metadata (75 kB)
Collecting idna>=2.0 (from yarl<2.0,>=1.17.0->aiohttp>=3.9.4->aiohttp[speedups]>=3.9.4->cve-bin-tool)
Downloading idna-3.11-py3-none-any.whl.metadata (8.4 kB)
Collecting aiodns>=3.3.0 (from aiohttp[speedups]>=3.9.4->cve-bin-tool)
Downloading aiodns-3.5.0-py3-none-any.whl.metadata (5.8 kB)
Collecting Brotli (from aiohttp[speedups]>=3.9.4->cve-bin-tool)
Downloading Brotli-1.1.0-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.metadata (5.5 kB)
Collecting backports.zstd (from aiohttp[speedups]>=3.9.4->cve-bin-tool)
Downloading backports_zstd-1.0.0-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl.metadata (6.9 kB)
Collecting pycares>=4.9.0 (from aiodns>=3.3.0->aiohttp[speedups]>=3.9.4->cve-bin-tool)
Downloading pycares-4.11.0-cp313-cp313-manylinux_2_28_x86_64.whl.metadata (4.5 kB)
Collecting MarkupSafe>=2.0 (from jinja2>=2.11.3->cve-bin-tool)
Downloading markupsafe-3.0.3-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl.metadata (2.7 kB)
Collecting jsonschema-specifications>=2023.03.6 (from jsonschema>=3.0.2->cve-bin-tool)
Downloading jsonschema_specifications-2025.9.1-py3-none-any.whl.metadata (2.9 kB)
Collecting referencing>=0.28.4 (from jsonschema>=3.0.2->cve-bin-tool)
Downloading referencing-0.37.0-py3-none-any.whl.metadata (2.8 kB)
Collecting rpds-py>=0.7.1 (from jsonschema>=3.0.2->cve-bin-tool)
Downloading rpds_py-0.28.0-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.metadata (4.1 kB)
Collecting semantic-version (from lib4sbom>=0.7.2->cve-bin-tool)
Downloading semantic_version-2.10.0-py2.py3-none-any.whl.metadata (9.7 kB)
Collecting fastjsonschema (from lib4sbom>=0.7.2->cve-bin-tool)
Downloading fastjsonschema-2.21.2-py3-none-any.whl.metadata (2.3 kB)
Collecting csaf-tool>=0.3.2 (from lib4vex>=0.2.0->cve-bin-tool)
Downloading csaf_tool-0.3.2-py2.py3-none-any.whl.metadata (21 kB)
Collecting cffi>=1.5.0 (from pycares>=4.9.0->aiodns>=3.3.0->aiohttp[speedups]>=3.9.4->cve-bin-tool)
Downloading cffi-2.0.0-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.whl.metadata (2.6 kB)
Collecting pycparser (from cffi>=1.5.0->pycares>=4.9.0->aiodns>=3.3.0->aiohttp[speedups]>=3.9.4->cve-bin-tool)
Downloading pycparser-2.23-py3-none-any.whl.metadata (993 bytes)
Collecting charset_normalizer<4,>=2 (from requests>=2.32.2->cve-bin-tool)
Downloading charset_normalizer-3.4.4-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl.metadata (37 kB)
Collecting certifi>=2017.4.17 (from requests>=2.32.2->cve-bin-tool)
Downloading certifi-2025.10.5-py3-none-any.whl.metadata (2.5 kB)
Collecting soupsieve>1.2 (from beautifulsoup4->cve-bin-tool)
Downloading soupsieve-2.8-py3-none-any.whl.metadata (4.6 kB)
Collecting typing-extensions>=4.0.0 (from beautifulsoup4->cve-bin-tool)
Downloading typing_extensions-4.15.0-py3-none-any.whl.metadata (3.3 kB)
Collecting argcomplete>=3.6.2 (from gsutil->cve-bin-tool)
Downloading argcomplete-3.6.3-py3-none-any.whl.metadata (16 kB)
Collecting crcmod>=1.7 (from gsutil->cve-bin-tool)
Downloading crcmod-1.7.tar.gz (89 kB)
Installing build dependencies ... done
Getting requirements to build wheel ... done
Preparing metadata (pyproject.toml) ... done
Collecting fasteners>=0.14.1 (from gsutil->cve-bin-tool)
Downloading fasteners-0.20-py3-none-any.whl.metadata (4.8 kB)
Collecting gcs-oauth2-boto-plugin>=3.3 (from gsutil->cve-bin-tool)
Downloading gcs_oauth2_boto_plugin-3.3.tar.gz (22 kB)
Installing build dependencies ... done
Getting requirements to build wheel ... done
Preparing metadata (pyproject.toml) ... done
Collecting google-apitools>=0.5.32 (from gsutil->cve-bin-tool)
Downloading google_apitools-0.5.35-py3-none-any.whl.metadata (2.7 kB)
Collecting httplib2==0.20.4 (from gsutil->cve-bin-tool)
Downloading httplib2-0.20.4-py3-none-any.whl.metadata (2.5 kB)
Collecting google-reauth>=0.1.0 (from gsutil->cve-bin-tool)
Downloading google_reauth-0.1.1-py2.py3-none-any.whl.metadata (2.6 kB)
Collecting monotonic>=1.4 (from gsutil->cve-bin-tool)
Downloading monotonic-1.6-py2.py3-none-any.whl.metadata (1.5 kB)
Collecting pyOpenSSL<=24.2.1,>=0.13 (from gsutil->cve-bin-tool)
Downloading pyOpenSSL-24.2.1-py3-none-any.whl.metadata (13 kB)
Collecting retry_decorator>=1.0.0 (from gsutil->cve-bin-tool)
Downloading retry_decorator-1.1.1.tar.gz (3.9 kB)
Installing build dependencies ... done
Getting requirements to build wheel ... done
Preparing metadata (pyproject.toml) ... done
Collecting six>=1.17.0 (from gsutil->cve-bin-tool)
Downloading six-1.17.0-py2.py3-none-any.whl.metadata (1.7 kB)
Collecting google-auth==2.39.0 (from google-auth[aiohttp]==2.39.0->gsutil->cve-bin-tool)
Downloading google_auth-2.39.0-py2.py3-none-any.whl.metadata (6.2 kB)
Collecting google-auth-httplib2>=0.2.0 (from gsutil->cve-bin-tool)
Downloading google_auth_httplib2-0.2.0-py2.py3-none-any.whl.metadata (2.2 kB)
Collecting cachetools<6.0,>=2.0.0 (from google-auth==2.39.0->google-auth[aiohttp]==2.39.0->gsutil->cve-bin-tool)
Downloading cachetools-5.5.2-py3-none-any.whl.metadata (5.4 kB)
Collecting pyasn1-modules>=0.2.1 (from google-auth==2.39.0->google-auth[aiohttp]==2.39.0->gsutil->cve-bin-tool)
Downloading pyasn1_modules-0.4.2-py3-none-any.whl.metadata (3.5 kB)
Collecting rsa<5,>=3.1.4 (from google-auth==2.39.0->google-auth[aiohttp]==2.39.0->gsutil->cve-bin-tool)
Downloading rsa-4.9.1-py3-none-any.whl.metadata (5.6 kB)
Collecting pyparsing!=3.0.0,!=3.0.1,!=3.0.2,!=3.0.3,<4,>=2.4.2 (from httplib2==0.20.4->gsutil->cve-bin-tool)
Downloading pyparsing-3.2.5-py3-none-any.whl.metadata (5.0 kB)
Collecting cryptography<44,>=41.0.5 (from pyOpenSSL<=24.2.1,>=0.13->gsutil->cve-bin-tool)
Downloading cryptography-43.0.3-cp39-abi3-manylinux_2_28_x86_64.whl.metadata (5.4 kB)
Collecting pyasn1>=0.1.3 (from rsa<5,>=3.1.4->google-auth==2.39.0->google-auth[aiohttp]==2.39.0->gsutil->cve-bin-tool)
Downloading pyasn1-0.6.1-py3-none-any.whl.metadata (8.4 kB)
Collecting rsa<5,>=3.1.4 (from google-auth==2.39.0->google-auth[aiohttp]==2.39.0->gsutil->cve-bin-tool)
Downloading rsa-4.7.2-py3-none-any.whl.metadata (3.6 kB)
Collecting boto>=2.29.1 (from gcs-oauth2-boto-plugin>=3.3->gsutil->cve-bin-tool)
Downloading boto-2.49.0-py2.py3-none-any.whl.metadata (7.3 kB)
Collecting oauth2client>=2.2.0 (from gcs-oauth2-boto-plugin>=3.3->gsutil->cve-bin-tool)
Downloading oauth2client-4.1.3-py2.py3-none-any.whl.metadata (1.2 kB)
Collecting pyu2f (from google-reauth>=0.1.0->gsutil->cve-bin-tool)
Downloading pyu2f-0.1.5.tar.gz (27 kB)
Installing build dependencies ... done
Getting requirements to build wheel ... done
Preparing metadata (pyproject.toml) ... done
Collecting narwhals>=1.15.1 (from plotly->cve-bin-tool)
Downloading narwhals-2.9.0-py3-none-any.whl.metadata (11 kB)
Collecting markdown-it-py>=2.2.0 (from rich->cve-bin-tool)
Downloading markdown_it_py-4.0.0-py3-none-any.whl.metadata (7.3 kB)
Collecting pygments<3.0.0,>=2.13.0 (from rich->cve-bin-tool)
Downloading pygments-2.19.2-py3-none-any.whl.metadata (2.5 kB)
Collecting mdurl~=0.1 (from markdown-it-py>=2.2.0->rich->cve-bin-tool)
Downloading mdurl-0.1.2-py3-none-any.whl.metadata (1.6 kB)
Collecting elementpath<6.0.0,>=5.0.1 (from xmlschema->cve-bin-tool)
Downloading elementpath-5.0.4-py3-none-any.whl.metadata (7.0 kB)
Downloading cve_bin_tool-3.4-py3-none-any.whl (1.7 MB)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 1.7/1.7 MB 10.4 MB/s 0:00:00
Downloading aiohttp-3.13.1-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl (1.7 MB)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 1.7/1.7 MB 11.6 MB/s 0:00:00
Downloading multidict-6.7.0-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl (254 kB)
Downloading yarl-1.22.0-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl (377 kB)
Downloading aiohappyeyeballs-2.6.1-py3-none-any.whl (15 kB)
Downloading aiodns-3.5.0-py3-none-any.whl (8.1 kB)
Downloading aiosignal-1.4.0-py3-none-any.whl (7.5 kB)
Downloading attrs-25.4.0-py3-none-any.whl (67 kB)
Downloading filetype-1.2.0-py2.py3-none-any.whl (19 kB)
Downloading frozenlist-1.8.0-cp313-cp313-manylinux1_x86_64.manylinux_2_28_x86_64.manylinux_2_5_x86_64.whl (234 kB)
Downloading idna-3.11-py3-none-any.whl (71 kB)
Downloading jinja2-3.1.6-py3-none-any.whl (134 kB)
Downloading jsonschema-4.25.1-py3-none-any.whl (90 kB)
Downloading jsonschema_specifications-2025.9.1-py3-none-any.whl (18 kB)
Downloading lib4sbom-0.8.8-py2.py3-none-any.whl (2.6 MB)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 2.6/2.6 MB 11.6 MB/s 0:00:00
Downloading lib4vex-0.2.1-py2.py3-none-any.whl (23 kB)
Downloading csaf_tool-0.3.2-py2.py3-none-any.whl (17 kB)
Downloading markupsafe-3.0.3-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl (22 kB)
Downloading packaging-25.0-py3-none-any.whl (66 kB)
Downloading propcache-0.4.1-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl (204 kB)
Downloading pycares-4.11.0-cp313-cp313-manylinux_2_28_x86_64.whl (641 kB)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 641.0/641.0 kB 9.1 MB/s 0:00:00
Downloading cffi-2.0.0-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.whl (219 kB)
Downloading pyyaml-6.0.3-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl (801 kB)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 801.6/801.6 kB 12.9 MB/s 0:00:00
Downloading referencing-0.37.0-py3-none-any.whl (26 kB)
Downloading requests-2.32.5-py3-none-any.whl (64 kB)
Downloading charset_normalizer-3.4.4-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl (153 kB)
Downloading urllib3-2.5.0-py3-none-any.whl (129 kB)
Downloading certifi-2025.10.5-py3-none-any.whl (163 kB)
Downloading rpds_py-0.28.0-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (385 kB)
Downloading rpmfile-2.1.0-py3-none-any.whl (17 kB)
Using cached setuptools-80.9.0-py3-none-any.whl (1.2 MB)
Downloading zipp-3.23.0-py3-none-any.whl (10 kB)
Downloading backports_zstd-1.0.0-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl (490 kB)
Downloading beautifulsoup4-4.14.2-py3-none-any.whl (106 kB)
Downloading soupsieve-2.8-py3-none-any.whl (36 kB)
Downloading typing_extensions-4.15.0-py3-none-any.whl (44 kB)
Downloading Brotli-1.1.0-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (2.9 MB)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 2.9/2.9 MB 11.7 MB/s 0:00:00
Downloading cvss-3.6-py2.py3-none-any.whl (31 kB)
Downloading defusedxml-0.7.1-py2.py3-none-any.whl (25 kB)
Downloading distro-1.9.0-py3-none-any.whl (20 kB)
Downloading fastjsonschema-2.21.2-py3-none-any.whl (24 kB)
Downloading google_auth-2.39.0-py2.py3-none-any.whl (212 kB)
Downloading httplib2-0.20.4-py3-none-any.whl (96 kB)
Downloading cachetools-5.5.2-py3-none-any.whl (10 kB)
Downloading pyOpenSSL-24.2.1-py3-none-any.whl (58 kB)
Downloading cryptography-43.0.3-cp39-abi3-manylinux_2_28_x86_64.whl (4.0 MB)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 4.0/4.0 MB 12.2 MB/s 0:00:00
Downloading pyparsing-3.2.5-py3-none-any.whl (113 kB)
Downloading argcomplete-3.6.3-py3-none-any.whl (43 kB)
Downloading fasteners-0.20-py3-none-any.whl (18 kB)
Downloading rsa-4.7.2-py3-none-any.whl (34 kB)
Downloading boto-2.49.0-py2.py3-none-any.whl (1.4 MB)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 1.4/1.4 MB 10.3 MB/s 0:00:00
Downloading google_apitools-0.5.35-py3-none-any.whl (135 kB)
Downloading google_auth_httplib2-0.2.0-py2.py3-none-any.whl (9.3 kB)
Downloading google_reauth-0.1.1-py2.py3-none-any.whl (17 kB)
Downloading monotonic-1.6-py2.py3-none-any.whl (8.2 kB)
Downloading oauth2client-4.1.3-py2.py3-none-any.whl (98 kB)
Downloading pyasn1-0.6.1-py3-none-any.whl (83 kB)
Downloading pyasn1_modules-0.4.2-py3-none-any.whl (181 kB)
Downloading six-1.17.0-py2.py3-none-any.whl (11 kB)
Downloading packageurl_python-0.17.5-py3-none-any.whl (30 kB)
Downloading plotly-6.3.1-py3-none-any.whl (9.8 MB)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 9.8/9.8 MB 12.8 MB/s 0:00:00
Downloading narwhals-2.9.0-py3-none-any.whl (422 kB)
Downloading pycparser-2.23-py3-none-any.whl (118 kB)
Downloading python_gnupg-0.5.5-py2.py3-none-any.whl (21 kB)
Downloading rich-14.2.0-py3-none-any.whl (243 kB)
Downloading pygments-2.19.2-py3-none-any.whl (1.2 MB)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 1.2/1.2 MB 10.5 MB/s 0:00:00
Downloading markdown_it_py-4.0.0-py3-none-any.whl (87 kB)
Downloading mdurl-0.1.2-py3-none-any.whl (10.0 kB)
Downloading semantic_version-2.10.0-py2.py3-none-any.whl (15 kB)
Downloading xmlschema-4.2.0-py3-none-any.whl (467 kB)
Downloading elementpath-5.0.4-py3-none-any.whl (245 kB)
Downloading zstandard-0.25.0-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.whl (5.5 MB)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 5.5/5.5 MB 12.3 MB/s 0:00:00
Building wheels for collected packages: gsutil, crcmod, gcs-oauth2-boto-plugin, retry_decorator, pyu2f
Building wheel for gsutil (pyproject.toml) ... done
Created wheel for gsutil: filename=gsutil-5.35-py3-none-any.whl size=3791063 sha256=94cdfff814aa83525a7df35d52d75f0bff4c9a0c5096c3a98ec8af3808d75660
Stored in directory: /home/test/.cache/pip/wheels/0a/a3/22/f017a300476751b2c66c4cfa3857331b262535b605ca59f976
Building wheel for crcmod (pyproject.toml) ... done
Created wheel for crcmod: filename=crcmod-1.7-cp313-cp313-linux_x86_64.whl size=31482 sha256=bbbc804fb28c4888e49f410b2f0d3078abadd9cf0177028f448eec3495ce9185
Stored in directory: /home/test/.cache/pip/wheels/c5/b4/7d/51d3485a8022501c7f7dba78b6c945088ff93d40142c9a96f4
Building wheel for gcs-oauth2-boto-plugin (pyproject.toml) ... done
Created wheel for gcs-oauth2-boto-plugin: filename=gcs_oauth2_boto_plugin-3.3-py3-none-any.whl size=24561 sha256=c3c57a2431f83be9b88ae2e7a2c84ec6dccdc5d0990812aff8e66dd737345649
Stored in directory: /home/test/.cache/pip/wheels/d4/a1/f2/7f12f6f3b0a4e2d1e810aca161074a6702b3dec2b6659b0815
Building wheel for retry_decorator (pyproject.toml) ... done
Created wheel for retry_decorator: filename=retry_decorator-1.1.1-py2.py3-none-any.whl size=3709 sha256=dbb55c33ac1f03efd1852a52f45c0a046c5135f6cce4361f48d89cd8d7be27cd
Stored in directory: /home/test/.cache/pip/wheels/33/4a/b3/fad6a6629ebfb687eed2325aa68700e3beb525383e7c6fc1d3
Building wheel for pyu2f (pyproject.toml) ... done
Created wheel for pyu2f: filename=pyu2f-0.1.5-py3-none-any.whl size=39486 sha256=208aad9eefd6fa9bc4a941b7092ce9eaf7b0f98705a5974505e1dfd46ed47161
Stored in directory: /home/test/.cache/pip/wheels/ab/4a/10/ef71de7c899e25c982b97ba8b4c7330df9b37929c2aa623c9e
Successfully built gsutil crcmod gcs-oauth2-boto-plugin retry_decorator pyu2f
Installing collected packages: rpmfile, retry_decorator, python-gnupg, monotonic, filetype, fastjsonschema, cvss, crcmod, Brotli, boto, zstandard, zipp, urllib3, typing-extensions, soupsieve, six, setuptools, semantic-version, rpds-py, pyyaml, pyparsing, pygments, pycparser, pyasn1, propcache, packaging, packageurl-python, narwhals, multidict, mdurl, MarkupSafe, idna, frozenlist, fasteners, elementpath, distro, defusedxml, charset_normalizer, certifi, cachetools, backports.zstd, attrs, argcomplete, aiohappyeyeballs, yarl, xmlschema, rsa, requests, referencing, pyu2f, pyasn1-modules, plotly, markdown-it-py, jinja2, httplib2, cffi, beautifulsoup4, aiosignal, rich, pycares, oauth2client, jsonschema-specifications, google-reauth, google-auth, cryptography, aiohttp, pyOpenSSL, jsonschema, google-auth-httplib2, google-apitools, csaf-tool, aiodns, lib4sbom, gcs-oauth2-boto-plugin, lib4vex, gsutil, cve-bin-tool
Successfully installed Brotli-1.1.0 MarkupSafe-3.0.3 aiodns-3.5.0 aiohappyeyeballs-2.6.1 aiohttp-3.13.1 aiosignal-1.4.0 argcomplete-3.6.3 attrs-25.4.0 backports.zstd-1.0.0 beautifulsoup4-4.14.2 boto-2.49.0 cachetools-5.5.2 certifi-2025.10.5 cffi-2.0.0 charset_normalizer-3.4.4 crcmod-1.7 cryptography-43.0.3 csaf-tool-0.3.2 cve-bin-tool-3.4 cvss-3.6 defusedxml-0.7.1 distro-1.9.0 elementpath-5.0.4 fasteners-0.20 fastjsonschema-2.21.2 filetype-1.2.0 frozenlist-1.8.0 gcs-oauth2-boto-plugin-3.3 google-apitools-0.5.35 google-auth-2.39.0 google-auth-httplib2-0.2.0 google-reauth-0.1.1 gsutil-5.35 httplib2-0.20.4 idna-3.11 jinja2-3.1.6 jsonschema-4.25.1 jsonschema-specifications-2025.9.1 lib4sbom-0.8.8 lib4vex-0.2.1 markdown-it-py-4.0.0 mdurl-0.1.2 monotonic-1.6 multidict-6.7.0 narwhals-2.9.0 oauth2client-4.1.3 packageurl-python-0.17.5 packaging-25.0 plotly-6.3.1 propcache-0.4.1 pyOpenSSL-24.2.1 pyasn1-0.6.1 pyasn1-modules-0.4.2 pycares-4.11.0 pycparser-2.23 pygments-2.19.2 pyparsing-3.2.5 python-gnupg-0.5.5 pyu2f-0.1.5 pyyaml-6.0.3 referencing-0.37.0 requests-2.32.5 retry_decorator-1.1.1 rich-14.2.0 rpds-py-0.28.0 rpmfile-2.1.0 rsa-4.7.2 semantic-version-2.10.0 setuptools-80.9.0 six-1.17.0 soupsieve-2.8 typing-extensions-4.15.0 urllib3-2.5.0 xmlschema-4.2.0 yarl-1.22.0 zipp-3.23.0 zstandard-0.25.0
(cve-bin-tool) test@mars:~$ cve-bin-tool /usr/bin/true
[19:35:00] INFO cve_bin_tool - CVE Binary Tool v3.4 cli.py:624
INFO cve_bin_tool - This product uses the NVD API but is not endorsed or certified by the NVD. cli.py:625
INFO cve_bin_tool - For potentially faster NVD downloads, mirrors are available using -n json-mirror cli.py:628
INFO cve_bin_tool - Getting NVD CVE data... nvd_source.py:389
INFO cve_bin_tool - Getting GitLab Advisory Database CVEs... gad_source.py:86
INFO cve_bin_tool - Getting RedHat CVEs... redhat_source.py:69
INFO cve_bin_tool - Getting PURL2CPE data... purl2cpe_source.py:36
ERROR CVEDB - Unable to fetch EPSS, skipping EPSS. epss_source.py:158
Downloading CVEs... ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 100% 0:00:09
[19:36:09] INFO cve_bin_tool - Adding 41874 RedHat CVE entries redhat_source.py:136
[19:36:19] INFO cve_bin_tool - Getting Open Source Vulnerability Database CVEs... osv_source.py:161
Nothing happens for several minutes, then
╭─────────────────────────────── Traceback (most recent call last) ────────────────────────────────╮
│ /home/test/cve-bin-tool/bin/cve-bin-tool:7 in <module> │
│ │
│ 4 if __name__ == '__main__': │
│ 5 │ if sys.argv[0].endswith('.exe'): │
│ 6 │ │ sys.argv[0] = sys.argv[0][:-4] │
│ ❱ 7 │ sys.exit(main()) │
│ 8 │
│ │
│ /home/test/cve-bin-tool/lib/python3.13/site-packages/cve_bin_tool/cli.py:891 in main │
│ │
│ 888 │ │
│ 889 │ # update db if needed │
│ 890 │ if db_update != "never": │
│ ❱ 891 │ │ cvedb_orig.get_cvelist_if_stale() │
│ 892 │ else: │
│ 893 │ │ LOGGER.warning("Not verifying CVE DB cache") │
│ 894 │ │ if not cvedb_orig.check_cve_entries(): │
│ │
│ /home/test/cve-bin-tool/lib/python3.13/site-packages/cve_bin_tool/cvedb.py:316 in │
│ get_cvelist_if_stale │
│ │
│ 313 │ │ │ datetime.datetime.today() │
│ 314 │ │ │ - datetime.datetime.fromtimestamp(self.dbpath.stat().st_mtime) │
│ 315 │ │ ) > datetime.timedelta(hours=24): │
│ ❱ 316 │ │ │ self.refresh_cache_and_update_db() │
│ 317 │ │ │ self.time_of_last_update = datetime.datetime.today() │
│ 318 │ │ else: │
│ 319 │ │ │ _ = self.get_db_update_date() │
│ │
│ /home/test/cve-bin-tool/lib/python3.13/site-packages/cve_bin_tool/cvedb.py:299 in │
│ refresh_cache_and_update_db │
│ │
│ 296 │ │ """Refresh cached NVD and update CVE database with latest data.""" │
│ 297 │ │ self.LOGGER.debug("Updating CVE data. This will take a few minutes.") │
│ 298 │ │ # refresh the nvd cache │
│ ❱ 299 │ │ run_coroutine(self.refresh()) │
│ 300 │ │ │
│ 301 │ │ # if the database isn't open, open it │
│ 302 │ │ self.init_database() │
│ │
│ /home/test/cve-bin-tool/lib/python3.13/site-packages/cve_bin_tool/async_utils.py:90 in │
│ run_coroutine │
│ │
│ 87 │ """ │
│ 88 │ loop = get_event_loop() │
│ 89 │ aws = asyncio.ensure_future(coro, loop=loop) │
│ ❱ 90 │ result = loop.run_until_complete(aws) │
│ 91 │ return result │
│ 92 │
│ 93 │
│ │
│ /usr/lib/python3.13/asyncio/base_events.py:725 in run_until_complete │
│ │
│ 722 │ │ if not future.done(): │
│ 723 │ │ │ raise RuntimeError('Event loop stopped before Future completed.') │
│ 724 │ │ │
│ ❱ 725 │ │ return future.result() │
│ 726 │ │
│ 727 │ def stop(self): │
│ 728 │ │ """Stop running the event loop. │
│ │
│ /home/test/cve-bin-tool/lib/python3.13/site-packages/cve_bin_tool/cvedb.py:293 in refresh │
│ │
│ 290 │ │ if self.version_check: │
│ 291 │ │ │ check_latest_version() │
│ 292 │ │ │
│ ❱ 293 │ │ await self.get_data() │
│ 294 │ │
│ 295 │ def refresh_cache_and_update_db(self) -> None: │
│ 296 │ │ """Refresh cached NVD and update CVE database with latest data.""" │
│ │
│ /home/test/cve-bin-tool/lib/python3.13/site-packages/cve_bin_tool/cvedb.py:403 in get_data │
│ │
│ 400 │ │ │ if source is not None: │
│ 401 │ │ │ │ tasks.append(source.get_cve_data()) │
│ 402 │ │ │
│ ❱ 403 │ │ for r in await asyncio.gather(*tasks): │
│ 404 │ │ │ self.data.append(r) │
│ 405 │ │
│ 406 │ def init_database(self) -> None: │
│ │
│ /home/test/cve-bin-tool/lib/python3.13/site-packages/cve_bin_tool/data_sources/osv_source.py:375 │
│ in get_cve_data │
│ │
│ 372 │ │ │
│ 373 │ │ await self.update_cve_entries() │
│ 374 │ │ │
│ ❱ 375 │ │ return self.format_data(self.all_cve_entries), self.source_name │
│ 376 │
│ │
│ /home/test/cve-bin-tool/lib/python3.13/site-packages/cve_bin_tool/data_sources/osv_source.py:260 │
│ in format_data │
│ │
│ 257 │ │ │ │
│ 258 │ │ │ # getting score │
│ 259 │ │ │ # OSV Schema currently only provides CVSS V3 scores, though more scores may │
│ ❱ 260 │ │ │ if severity is not None and "CVSS_V3" in [x["type"] for x in severity]: │
│ 261 │ │ │ │ try: │
│ 262 │ │ │ │ │ # Ensure CVSS vector is valid │
│ 263 │ │ │ │ │ if severity[0]["score"].endswith("/"): │
╰──────────────────────────────────────────────────────────────────────────────────────────────────╯
KeyError: 'type'
Exception ignored in: <function CVEDB.__del__ at 0x7f19daf0d580>
Traceback (most recent call last):
File "/home/test/cve-bin-tool/lib/python3.13/site-packages/cve_bin_tool/cvedb.py", line 804, in __del__
File "/home/test/cve-bin-tool/lib/python3.13/site-packages/cve_bin_tool/cvedb.py", line 796, in rollback_cache_backup
File "/usr/lib/python3.13/pathlib/_local.py", line 150, in __truediv__
File "/usr/lib/python3.13/pathlib/_abc.py", line 135, in with_segments
File "/usr/lib/python3.13/pathlib/_local.py", line 505, in __init__
File "/usr/lib/python3.13/pathlib/_local.py", line 117, in __init__
ImportError: sys.meta_path is None, Python is likely shutting down
Exception ignored in: <function CVEDB.__del__ at 0x7f19daf0d580>
Traceback (most recent call last):
File "/home/test/cve-bin-tool/lib/python3.13/site-packages/cve_bin_tool/cvedb.py", line 804, in __del__
File "/home/test/cve-bin-tool/lib/python3.13/site-packages/cve_bin_tool/cvedb.py", line 796, in rollback_cache_backup
File "/usr/lib/python3.13/pathlib/_local.py", line 150, in __truediv__
File "/usr/lib/python3.13/pathlib/_abc.py", line 135, in with_segments
File "/usr/lib/python3.13/pathlib/_local.py", line 505, in __init__
File "/usr/lib/python3.13/pathlib/_local.py", line 117, in __init__
ImportError: sys.meta_path is None, Python is likely shutting down
Exception ignored in: <function CVEDB.__del__ at 0x7f19daf0d580>
Traceback (most recent call last):
File "/home/test/cve-bin-tool/lib/python3.13/site-packages/cve_bin_tool/cvedb.py", line 804, in __del__
File "/home/test/cve-bin-tool/lib/python3.13/site-packages/cve_bin_tool/cvedb.py", line 796, in rollback_cache_backup
File "/usr/lib/python3.13/pathlib/_local.py", line 150, in __truediv__
File "/usr/lib/python3.13/pathlib/_abc.py", line 135, in with_segments
File "/usr/lib/python3.13/pathlib/_local.py", line 505, in __init__
File "/usr/lib/python3.13/pathlib/_local.py", line 117, in __init__
ImportError: sys.meta_path is None, Python is likely shutting down
Exception ignored in: <function CVEDB.__del__ at 0x7f19daf0d580>
Traceback (most recent call last):
File "/home/test/cve-bin-tool/lib/python3.13/site-packages/cve_bin_tool/cvedb.py", line 804, in __del__
File "/home/test/cve-bin-tool/lib/python3.13/site-packages/cve_bin_tool/cvedb.py", line 796, in rollback_cache_backup
File "/usr/lib/python3.13/pathlib/_local.py", line 150, in __truediv__
File "/usr/lib/python3.13/pathlib/_abc.py", line 135, in with_segments
File "/usr/lib/python3.13/pathlib/_local.py", line 505, in __init__
File "/usr/lib/python3.13/pathlib/_local.py", line 117, in __init__
ImportError: sys.meta_path is None, Python is likely shutting down