Issue WP Toolkit could not update vulnerabilities database

[Ash155]

Server operating system version

Ubuntu 22 / 24

Plesk version and microupdate number

18.0.70 #3

Hi all

For the last 2 days I'm getting the following errors once every hour:

Could not update vulnerabilities database: SQLSTATE[23000]: Integrity constraint violation: 19 UNIQUE constraint failed: Vulnerabilities.vulnerabilityId, query was: INSERT INTO "Vulnerabilities" ("vulnerabilityId", "productType", "productSlug", "productNamePremium", "title", "description", "directUrl", "affectedVersions", "cvssScore", "disclosedAt", "cve", "exploited", "fingerprint", "mitigations", "riskRank") VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)

and

An error occurred during update of vulnerability database: SQLSTATE[23000]: Integrity constraint violation: 19 UNIQUE constraint failed: Vulnerabilities.vulnerabilityId, query was: INSERT INTO "Vulnerabilities" ("vulnerabilityId", "productType", "productSlug", "productNamePremium", "title", "description", "directUrl", "affectedVersions", "cvssScore", "disclosedAt", "cve", "exploited", "fingerprint", "mitigations", "riskRank") VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)

I have two servers, and I'm getting the same error on both since the same approx time 2 days ago. One server is running on Ubuntu 22 and the other one Ubuntu 24. Both had a recent Plesk update to 18.0.70 update #3.

I've since updated one server to Plesk 18.0.71 to see if that would help, but the error still remains. All extensions and components are up to date.

Any thoughts or support would be much appreciated! Or is anyone else having this issue?

Thanks

 

[wolle]

Hi all

For the last 2 days I'm getting the following errors once every hour:

Could not update vulnerabilities database: SQLSTATE[23000]: Integrity constraint violation: 19 UNIQUE constraint failed: Vulnerabilities.vulnerabilityId, query was: INSERT INTO "Vulnerabilities" ("vulnerabilityId", "productType", "productSlug", "productNamePremium", "title", "description", "directUrl", "affectedVersions", "cvssScore", "disclosedAt", "cve", "exploited", "fingerprint", "mitigations", "riskRank") VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)

and

An error occurred during update of vulnerability database: SQLSTATE[23000]: Integrity constraint violation: 19 UNIQUE constraint failed: Vulnerabilities.vulnerabilityId, query was: INSERT INTO "Vulnerabilities" ("vulnerabilityId", "productType", "productSlug", "productNamePremium", "title", "description", "directUrl", "affectedVersions", "cvssScore", "disclosedAt", "cve", "exploited", "fingerprint", "mitigations", "riskRank") VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)

I have two servers, and I'm getting the same error on both since the same approx time 2 days ago. One server is running on Ubuntu 22 and the other one Ubuntu 24. Both had a recent Plesk update to 18.0.70 update #3.

I've since updated one server to Plesk 18.0.71 to see if that would help, but the error still remains. All extensions and components are up to date.

Any thoughts or support would be much appreciated! Or is anyone else having this issue?

Thanks

Hi,
same errors on my sytem Plesk 18.0.71 and Ubuntu 24
hope we get a solution

 

[Ash155]

Hi,
same errors on my sytem Plesk 18.0.71 and Ubuntu 24
hope we get a solution

Glad it's not just me! Hopefully there will be a fix soon.

 

[se2e-dev]

The same on numerous servers!

Plesk Obsidian 18.0.71 Update 1
Debian 12.11

 

[Sebahat.hadzhi]

The issue is caused due to a bug identified with ID EXTWPTOOLK-10397, which will be fixed in one of the upcoming releases. Until the fix is introduced, please apply the following workaround:

1. Connect to the server via SSH
2. Backup the psa database
   

   plesk db dump psa > /root/psa_dump.sql

3. Remove the necessary line from the database by executing the following command:
   

   plesk db "DELETE FROM ModuleSettings WHERE name = 'vulnerabilityDatabaseEncodedIndicatorPhrase'"

Afterward, the vulnerability task should finish successfully.

 

[se2e-dev]

The issue is caused due to a bug identified with ID EXTWPTOOLK-10397, which will be fixed in one of the upcoming releases. Until the fix is introduced, please apply the following workaround:

1. Connect to the server via SSH
2. Backup the psa database
   

   plesk db dump psa > /root/psa_dump.sql

3. Remove the necessary line from the database by executing the following command:
   

   plesk db "DELETE FROM ModuleSettings WHERE name = 'vulnerabilityDatabaseEncodedIndicatorPhrase'"

Afterward, the vulnerability task should finish successfully.

Is this workaround only a temporary solution that works once, or should it prevent the issue from recurring until the fix is released?

Will anything else need to be adjusted after the official fix is applied?

Alternatively, is it possible to simply wait for the fix without applying the workaround in the meantime?

 

[se2e-dev]

Additionally, could the issue reoccur even after applying the workaround?

 

[Sebahat.hadzhi]

@se2e-dev , the issue is related to the vulnerability database structure. The command should update it and consequently lead to the task is finished successfully every time it runs.

Will anything else need to be adjusted after the official fix is applied?

No, no additional adjustment should be needed once the fix is released.

Alternatively, is it possible to simply wait for the fix without applying the workaround in the meantime?

Yes, of course. However, at this point, I cannot provide an ETA for the fix.

Additionally, could the issue reoccur even after applying the workaround?

In theory, it shouldn't reoccur again.