Dependency-Check Core version 10.0.0

[damu9618]

Describe the bug
Updating CVE: CVE-2023-24015:
NVD API request failures are occurring; retrying request for the n time

Version of dependency-check used
Dependency-Check Core version 10.0.0 : CLI

Log file
347.txt

To Reproduce
Steps to reproduce the behavior:

• task: dependency-check-build-task@6
  displayName: Run OWASP dependency check
  inputs:
  projectName: test
  scanPath: ${{ parameters.scanDirectory }}
  failOnCVSS: 7
  format: HTML, JSON, JUNIT
  suppressionPath: ${{ parameters.suppressionPath }}
  reportsDirectory: ${{ parameters.outputDirectory }}
  reportFilename: dependency-check-report
  additionalArguments: '--nvdApiKey $(OWASPNVDAPIKey) --nvdApiDelay 16000'
  warnOnCVSSViolation: false
  continueOnError: false

Expected behavior
It is suppose to run without any issue

Additional context
Please note we are waiting for 50mins to complete this job however it is failing

[mprins]

@damu9618 This is not a bug in the software, but a duplicate of #6758
problems with the data feeds provided by https://nvd.nist.gov/vuln/data-feeds ,an external resource provided by the (ultimately) US government

[damu9618]

@mprins could you please help us, If you have any work around to resolve this issue?

[jeremylong]

if you look at your log - it appears that it was almost done updating but the job was cancelled? Possibly a timeout on your CI?

the error messages like [ERROR] Updating CVE: CVE-2022-3474 are left over debug code that has been removed.

[jeremylong]

Also see #6758

[damu9618]

@jeremylong I have tested my pipeline with 30minutes and 50 minutes on both cases I have the same issue

[jeremylong]

see #6758