ORT fails with SerializationException on PYSEC-2023-163 #7531
Description
I'm using oss-review-toolkit/ort-ci-github-action on python project. It fails with following error:
07:30:38.450 [DefaultDispatcher-worker-3] ERROR org.ossreviewtoolkit.advisor.advisors.Osv - Requesting vulnerabilities IDs for packages failed: SerializationException: org.ossreviewtoolkit.clients.osv.Reference.Type does not contain element with name 'EVIDENCE' at path $.references[1].type
Exception in thread "main" java.util.NoSuchElementException: Key PYSEC-2023-163 is missing in the map.
at kotlin.collections.MapsKt__MapWithDefaultKt.getOrImplicitDefaultNullable(MapWithDefault.kt:24)
at kotlin.collections.MapsKt__MapsKt.getValue(Maps.kt:360)
at org.ossreviewtoolkit.advisor.advisors.Osv.getVulnerabilitiesForPackage(Osv.kt:96)
at org.ossreviewtoolkit.advisor.advisors.Osv.retrievePackageFindings(Osv.kt:74)
at org.ossreviewtoolkit.advisor.Advisor$advise$4$2$1.invokeSuspend(Advisor.kt:90)
at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:108)
at kotlinx.coroutines.internal.LimitedDispatcher$Worker.run(LimitedDispatcher.kt:115)
at kotlinx.coroutines.scheduling.TaskImpl.run(Tasks.kt:103)
at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:584)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask(CoroutineScheduler.kt:793)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker(CoroutineScheduler.kt:697)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:684)
File /home/runner/.ort/ort-results/advisor-result.json not found.
Error: Process completed with exit code 1.
Error: The step failed and an error occurred when attempting to determine whether to continue on error.
The project contains dependency numexpr-2.8.6, as it comes from langchain dependencies.
Please see example https://github.com/justrp/ort-langchain-sample/actions/runs/6232723387/job/16916459432