From 725b360c34f4d4195a0e56abeb4b37494bde5d05 Mon Sep 17 00:00:00 2001
From: Ruben Romero Montes <rromerom@redhat.com>
Date: Thu, 14 Nov 2024 21:18:52 +0100
Subject: [PATCH] fix: encode package in deps check

Signed-off-by: Ruben Romero Montes <rromerom@redhat.com>
---
 src/cve/utils/vulnerable_dependency_checker.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/cve/utils/vulnerable_dependency_checker.py b/src/cve/utils/vulnerable_dependency_checker.py
index d375088..134395f 100644
--- a/src/cve/utils/vulnerable_dependency_checker.py
+++ b/src/cve/utils/vulnerable_dependency_checker.py
@@ -346,7 +346,9 @@ async def _get_dependency(self, system=None, package: str = "", version: str = "
         if system not in DEPDEV_SUPPORTED_SYS:
             return self_package
 
-        api_url = (f"v3/systems/{system}/packages/{package}/versions/{version}:dependencies")
+        encoded_pkg = urllib.parse.quote(package, 'utf-8')
+        encoded_ver = urllib.parse.quote(version, 'utf-8')
+        api_url = (f"v3/systems/{system}/packages/{encoded_pkg}/versions/{encoded_ver}:dependencies")
         url = url_join(self.base_url, api_url)
         package_info = {"package": package, "system": system, "version": version}