更新: 2531 个文件 - 2026-03-17 21:00:03

这个提交包含在:
hao
2026-03-17 21:00:04 -07:00
父节点 a3edc88834
当前提交 080e55a98c
修改 2531 个文件,包含 135521 行新增3725 行删除


@@ -21,7 +21,7 @@
| Flask | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Ghost | `cms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Gin | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Gitea | `platforms` | `rolling-24m` | `-` | `yes` | `30` | `30` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-03-03T04:57:57.697708Z` |
| Gitea | `platforms` | `rolling-24m` | `-` | `yes` | `37` | `37` | `3` | `seeded` | `real:37/synthetic:0/blocked:0` | `33` | `37` | `0` | `2026-03-03T04:57:57.697708Z` |
| GitLab CE | `platforms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Grafana | `platforms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Hapi | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
@@ -37,7 +37,7 @@
| Medusa | `ecommerce` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Moodle | `cms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| NestJS | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Next.js | `frameworks` | `history-full` | `yes` | `yes` | `24` | `24` | `3` | `seeded` | `real:1/synthetic:0/blocked:0` | `0` | `1` | `0` | `2026-03-13T22:00:36.554552Z` |
| Next.js | `frameworks` | `history-full` | `yes` | `yes` | `26` | `26` | `3` | `seeded` | `real:26/synthetic:0/blocked:0` | `21` | `26` | `0` | `2026-03-13T22:14:13.665535Z` |
| Nginx | `servers` | `history-full` | `yes` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Node.js | `frameworks` | `history-full` | `yes` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Nuxt | `frameworks` | `history-full` | `yes` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
@@ -57,8 +57,8 @@
| SvelteKit | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Symfony | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Traefik | `servers` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Undici | `frameworks` | `rolling-24m` | `-` | `yes` | `14` | `14` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-03-14T09:19:54.772219Z` |
| Vite | `frameworks` | `history-full` | `yes` | `yes` | `12` | `12` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-02-04T04:37:24.129476Z` |
| Undici | `frameworks` | `rolling-24m` | `-` | `yes` | `14` | `14` | `2` | `seeded` | `real:1/synthetic:0/blocked:0` | `0` | `1` | `0` | `2026-03-14T09:19:54.772219Z` |
| Vite | `frameworks` | `history-full` | `yes` | `yes` | `12` | `12` | `3` | `seeded` | `real:3/synthetic:0/blocked:0` | `3` | `3` | `0` | `2026-02-04T04:37:24.129476Z` |
| Vue | `frameworks` | `history-full` | `yes` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| webpack | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Werkzeug | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |



@@ -1,5 +1,5 @@
{
"generated_at": "2026-03-18T01:29:52+00:00",
"generated_at": "2026-03-18T03:59:28+00:00",
"title": "\u5f53\u524d\u67b6\u6784\u5e93",
"summary": "\u5de5\u4f5c\u53f0\u3001\u63a7\u5236\u9762\u3001\u6570\u636e\u5c42\u3001\u6388\u6743\u8fb9\u754c\u4e0e\u7cfb\u7edf\u8986\u76d6\u7684\u5f53\u524d\u771f\u503c\u89c6\u56fe\u3002",
"sections": [
@@ -27,11 +27,11 @@
},
{
"label": "\u5f53\u524d\u8fd0\u884c",
"value": "11"
"value": "114"
},
{
"label": "\u5f53\u524d\u6f0f\u6d1e\u6761\u76ee",
"value": "80"
"value": "89"
}
],
"fields": [
@@ -49,7 +49,7 @@
},
{
"label": "\u751f\u6210\u65f6\u95f4",
"value": "2026-03-18T01:29:52+00:00"
"value": "2026-03-18T03:59:28+00:00"
}
],
"links": [
@@ -243,6 +243,11 @@
"href": "/docs/frontend-dashboard-design.html",
"description": "\u5f53\u524d\u672c\u5730\u5de5\u4f5c\u53f0\u7684\u4ea4\u4e92\u4e0e\u89c6\u89c9\u89c4\u8303\u3002"
},
{
"label": "\u5b8c\u6574\u5ea6\u62a5\u544a",
"href": "/docs/testing-completeness-report.html",
"description": "89 \u6761 advisory \u7684\u6700\u65b0\u5b8c\u6574\u5ea6\u4e2d\u6587\u62a5\u544a\u3002"
},
{
"label": "\u5b89\u5168\u7f16\u7801\u7d22\u5f15",
"href": "/docs/secure-code-index.html",
@@ -288,6 +293,11 @@
"href": "/summary.json",
"description": "\u5168\u5c40\u6458\u8981\u3001\u72b6\u6001\u5206\u5e03\u548c\u6700\u8fd1\u5931\u8d25\u3002"
},
{
"label": "completeness.json",
"href": "/data/completeness.json",
"description": "\u6700\u65b0 advisory \u5b8c\u6574\u5ea6\u3001\u7cfb\u7edf/family \u8fdb\u5ea6\u4e0e ingest \u5065\u5eb7\u5ea6\u3002"
},
{
"label": "runs.json",
"href": "/runs.json",
@@ -5843,19 +5853,19 @@
"stats": [
{
"label": "Run \u6570",
"value": "11"
"value": "114"
},
{
"label": "Advisory \u6570",
"value": "80"
"value": "89"
},
{
"label": "\u72b6\u6001\u7c7b\u578b",
"value": "3"
"value": "2"
},
{
"label": "\u6700\u8fd1\u5931\u8d25",
"value": "3"
"value": "20"
}
],
"items": [
@@ -5866,7 +5876,7 @@
"items": [
{
"title": "\u771f\u5b9e\u7248\u672c\u5df2\u5b9e\u8bc1",
"summary": "\u5f53\u524d\u7d2f\u8ba1 8 \u6761\u3002",
"summary": "\u5f53\u524d\u7d2f\u8ba1 67 \u6761\u3002",
"open": false,
"fields": [
{
@@ -5875,28 +5885,13 @@
},
{
"label": "\u6570\u91cf",
"value": "8"
}
]
},
{
"title": "\u5236\u54c1\u963b\u585e",
"summary": "\u5f53\u524d\u7d2f\u8ba1 2 \u6761\u3002",
"open": false,
"fields": [
{
"label": "\u72b6\u6001\u7f16\u7801",
"value": "blocked-artifact"
},
{
"label": "\u6570\u91cf",
"value": "2"
"value": "67"
}
]
},
{
"title": "\u4eba\u5de5\u5206\u8bca",
"summary": "\u5f53\u524d\u7d2f\u8ba1 1 \u6761\u3002",
"summary": "\u5f53\u524d\u7d2f\u8ba1 22 \u6761\u3002",
"open": false,
"fields": [
{
@@ -5905,7 +5900,7 @@
},
{
"label": "\u6570\u91cf",
"value": "1"
"value": "22"
}
]
}
@@ -5917,60 +5912,8 @@
"open": false,
"items": [
{
"title": "gitea--CVE-2025-68939",
"summary": "unable to get image 'gitea/gitea:1.22.6': Cannot connect to the Docker daemon at unix:///Users/x/.docker/run/docker.sock. Is the docker daemon running?",
"open": false,
"badges": [
"\u5236\u54c1\u963b\u585e"
],
"fields": [
{
"label": "\u8fd0\u884c ID",
"value": "gitea-livecheck-20260316"
},
{
"label": "\u6f0f\u6d1e\u6761\u76ee",
"value": "gitea--CVE-2025-68939"
},
{
"label": "\u72b6\u6001",
"value": "\u5236\u54c1\u963b\u585e"
},
{
"label": "\u963b\u585e\u539f\u56e0",
"value": "unable to get image 'gitea/gitea:1.22.6': Cannot connect to the Docker daemon at unix:///Users/x/.docker/run/docker.sock. Is the docker daemon running?"
}
]
},
{
"title": "gitea--CVE-2025-68939",
"summary": "unable to get image 'gitea/gitea:1.22.6': Cannot connect to the Docker daemon at unix:///Users/x/.docker/run/docker.sock. Is the docker daemon running?",
"open": false,
"badges": [
"\u5236\u54c1\u963b\u585e"
],
"fields": [
{
"label": "\u8fd0\u884c ID",
"value": "gitea-gitea--CVE-2025-68939-20260317063330"
},
{
"label": "\u6f0f\u6d1e\u6761\u76ee",
"value": "gitea--CVE-2025-68939"
},
{
"label": "\u72b6\u6001",
"value": "\u5236\u54c1\u963b\u585e"
},
{
"label": "\u963b\u585e\u539f\u56e0",
"value": "unable to get image 'gitea/gitea:1.22.6': Cannot connect to the Docker daemon at unix:///Users/x/.docker/run/docker.sock. Is the docker daemon running?"
}
]
},
{
"title": "nextjs--CVE-2025-29927",
"summary": "dry-run only",
"title": "Undici has an HTTP Request/Response Smuggling issue",
"summary": "\u65e0\u989d\u5916\u963b\u585e\u8bf4\u660e\u3002",
"open": false,
"badges": [
"\u4eba\u5de5\u5206\u8bca"
@@ -5978,11 +5921,11 @@
"fields": [
{
"label": "\u8fd0\u884c ID",
"value": "nextjs-nextjs--CVE-2025-29927-20260317063047"
"value": "-"
},
{
"label": "\u6f0f\u6d1e\u6761\u76ee",
"value": "nextjs--CVE-2025-29927"
"value": "undici--CVE-2026-1525"
},
{
"label": "\u72b6\u6001",
@@ -5990,7 +5933,501 @@
},
{
"label": "\u963b\u585e\u539f\u56e0",
"value": "dry-run only"
"value": "-"
}
]
},
{
"title": "Undici: Malicious WebSocket 64-bit length overflows parser and crashes the client",
"summary": "\u65e0\u989d\u5916\u963b\u585e\u8bf4\u660e\u3002",
"open": false,
"badges": [
"\u4eba\u5de5\u5206\u8bca"
],
"fields": [
{
"label": "\u8fd0\u884c ID",
"value": "-"
},
{
"label": "\u6f0f\u6d1e\u6761\u76ee",
"value": "undici--CVE-2026-1528"
},
{
"label": "\u72b6\u6001",
"value": "\u4eba\u5de5\u5206\u8bca"
},
{
"label": "\u963b\u585e\u539f\u56e0",
"value": "-"
}
]
},
{
"title": "ProxyAgent vulnerable to MITM",
"summary": "\u65e0\u989d\u5916\u963b\u585e\u8bf4\u660e\u3002",
"open": false,
"badges": [
"\u4eba\u5de5\u5206\u8bca"
],
"fields": [
{
"label": "\u8fd0\u884c ID",
"value": "-"
},
{
"label": "\u6f0f\u6d1e\u6761\u76ee",
"value": "undici--CVE-2022-32210"
},
{
"label": "\u72b6\u6001",
"value": "\u4eba\u5de5\u5206\u8bca"
},
{
"label": "\u963b\u585e\u539f\u56e0",
"value": "-"
}
]
},
{
"title": "Undici has Unhandled Exception in WebSocket Client Due to Invalid server_max_window_bits Validation",
"summary": "\u65e0\u989d\u5916\u963b\u585e\u8bf4\u660e\u3002",
"open": false,
"badges": [
"\u4eba\u5de5\u5206\u8bca"
],
"fields": [
{
"label": "\u8fd0\u884c ID",
"value": "-"
},
{
"label": "\u6f0f\u6d1e\u6761\u76ee",
"value": "undici--CVE-2026-2229"
},
{
"label": "\u72b6\u6001",
"value": "\u4eba\u5de5\u5206\u8bca"
},
{
"label": "\u963b\u585e\u539f\u56e0",
"value": "-"
}
]
},
{
"title": "Undici has CRLF Injection in undici via `upgrade` option",
"summary": "\u65e0\u989d\u5916\u963b\u585e\u8bf4\u660e\u3002",
"open": false,
"badges": [
"\u4eba\u5de5\u5206\u8bca"
],
"fields": [
{
"label": "\u8fd0\u884c ID",
"value": "-"
},
{
"label": "\u6f0f\u6d1e\u6761\u76ee",
"value": "undici--CVE-2026-1527"
},
{
"label": "\u72b6\u6001",
"value": "\u4eba\u5de5\u5206\u8bca"
},
{
"label": "\u963b\u585e\u539f\u56e0",
"value": "-"
}
]
},
{
"title": "Undici has Unbounded Memory Consumption in WebSocket permessage-deflate Decompression",
"summary": "\u65e0\u989d\u5916\u963b\u585e\u8bf4\u660e\u3002",
"open": false,
"badges": [
"\u4eba\u5de5\u5206\u8bca"
],
"fields": [
{
"label": "\u8fd0\u884c ID",
"value": "-"
},
{
"label": "\u6f0f\u6d1e\u6761\u76ee",
"value": "undici--CVE-2026-1526"
},
{
"label": "\u72b6\u6001",
"value": "\u4eba\u5de5\u5206\u8bca"
},
{
"label": "\u963b\u585e\u539f\u56e0",
"value": "-"
}
]
},
{
"title": "Undici has Unbounded Memory Consumption in its DeduplicationHandler via Response Buffering that leads to DoS",
"summary": "\u65e0\u989d\u5916\u963b\u585e\u8bf4\u660e\u3002",
"open": false,
"badges": [
"\u4eba\u5de5\u5206\u8bca"
],
"fields": [
{
"label": "\u8fd0\u884c ID",
"value": "-"
},
{
"label": "\u6f0f\u6d1e\u6761\u76ee",
"value": "undici--CVE-2026-2581"
},
{
"label": "\u72b6\u6001",
"value": "\u4eba\u5de5\u5206\u8bca"
},
{
"label": "\u963b\u585e\u539f\u56e0",
"value": "-"
}
]
},
{
"title": "undici Denial of Service attack via bad certificate data",
"summary": "\u65e0\u989d\u5916\u963b\u585e\u8bf4\u660e\u3002",
"open": false,
"badges": [
"\u4eba\u5de5\u5206\u8bca"
],
"fields": [
{
"label": "\u8fd0\u884c ID",
"value": "-"
},
{
"label": "\u6f0f\u6d1e\u6761\u76ee",
"value": "undici--CVE-2025-47279"
},
{
"label": "\u72b6\u6001",
"value": "\u4eba\u5de5\u5206\u8bca"
},
{
"label": "\u963b\u585e\u539f\u56e0",
"value": "-"
}
]
},
{
"title": "Vite has a `server.fs.deny` bypassed for `inline` and `raw` with `?import` query",
"summary": "\u65e0\u989d\u5916\u963b\u585e\u8bf4\u660e\u3002",
"open": false,
"badges": [
"\u4eba\u5de5\u5206\u8bca"
],
"fields": [
{
"label": "\u8fd0\u884c ID",
"value": "-"
},
{
"label": "\u6f0f\u6d1e\u6761\u76ee",
"value": "vite--CVE-2025-31125"
},
{
"label": "\u72b6\u6001",
"value": "\u4eba\u5de5\u5206\u8bca"
},
{
"label": "\u963b\u585e\u539f\u56e0",
"value": "-"
}
]
},
{
"title": "Vite's `server.fs` settings were not applied to HTML files",
"summary": "\u65e0\u989d\u5916\u963b\u585e\u8bf4\u660e\u3002",
"open": false,
"badges": [
"\u4eba\u5de5\u5206\u8bca"
],
"fields": [
{
"label": "\u8fd0\u884c ID",
"value": "-"
},
{
"label": "\u6f0f\u6d1e\u6761\u76ee",
"value": "vite--CVE-2025-58752"
},
{
"label": "\u72b6\u6001",
"value": "\u4eba\u5de5\u5206\u8bca"
},
{
"label": "\u963b\u585e\u539f\u56e0",
"value": "-"
}
]
},
{
"title": "Vite middleware may serve files starting with the same name with the public directory",
"summary": "\u65e0\u989d\u5916\u963b\u585e\u8bf4\u660e\u3002",
"open": false,
"badges": [
"\u4eba\u5de5\u5206\u8bca"
],
"fields": [
{
"label": "\u8fd0\u884c ID",
"value": "-"
},
{
"label": "\u6f0f\u6d1e\u6761\u76ee",
"value": "vite--CVE-2025-58751"
},
{
"label": "\u72b6\u6001",
"value": "\u4eba\u5de5\u5206\u8bca"
},
{
"label": "\u963b\u585e\u539f\u56e0",
"value": "-"
}
]
},
{
"title": "vite allows server.fs.deny bypass via backslash on Windows",
"summary": "\u65e0\u989d\u5916\u963b\u585e\u8bf4\u660e\u3002",
"open": false,
"badges": [
"\u4eba\u5de5\u5206\u8bca"
],
"fields": [
{
"label": "\u8fd0\u884c ID",
"value": "-"
},
{
"label": "\u6f0f\u6d1e\u6761\u76ee",
"value": "vite--CVE-2025-62522"
},
{
"label": "\u72b6\u6001",
"value": "\u4eba\u5de5\u5206\u8bca"
},
{
"label": "\u963b\u585e\u539f\u56e0",
"value": "-"
}
]
},
{
"title": "Vite has an `server.fs.deny` bypass with an invalid `request-target`",
"summary": "\u65e0\u989d\u5916\u963b\u585e\u8bf4\u660e\u3002",
"open": false,
"badges": [
"\u4eba\u5de5\u5206\u8bca"
],
"fields": [
{
"label": "\u8fd0\u884c ID",
"value": "-"
},
{
"label": "\u6f0f\u6d1e\u6761\u76ee",
"value": "vite--CVE-2025-32395"
},
{
"label": "\u72b6\u6001",
"value": "\u4eba\u5de5\u5206\u8bca"
},
{
"label": "\u963b\u585e\u539f\u56e0",
"value": "-"
}
]
},
{
"title": "Vite's `server.fs.deny` is bypassed when using `?import&raw`",
"summary": "\u65e0\u989d\u5916\u963b\u585e\u8bf4\u660e\u3002",
"open": false,
"badges": [
"\u4eba\u5de5\u5206\u8bca"
],
"fields": [
{
"label": "\u8fd0\u884c ID",
"value": "-"
},
{
"label": "\u6f0f\u6d1e\u6761\u76ee",
"value": "vite--CVE-2024-45811"
},
{
"label": "\u72b6\u6001",
"value": "\u4eba\u5de5\u5206\u8bca"
},
{
"label": "\u963b\u585e\u539f\u56e0",
"value": "-"
}
]
},
{
"title": "Vite allows server.fs.deny to be bypassed with .svg or relative paths",
"summary": "\u65e0\u989d\u5916\u963b\u585e\u8bf4\u660e\u3002",
"open": false,
"badges": [
"\u4eba\u5de5\u5206\u8bca"
],
"fields": [
{
"label": "\u8fd0\u884c ID",
"value": "-"
},
{
"label": "\u6f0f\u6d1e\u6761\u76ee",
"value": "vite--CVE-2025-31486"
},
{
"label": "\u72b6\u6001",
"value": "\u4eba\u5de5\u5206\u8bca"
},
{
"label": "\u963b\u585e\u539f\u56e0",
"value": "-"
}
]
},
{
"title": "Vite's server.fs.deny bypassed with /. for files under project root",
"summary": "\u65e0\u989d\u5916\u963b\u585e\u8bf4\u660e\u3002",
"open": false,
"badges": [
"\u4eba\u5de5\u5206\u8bca"
],
"fields": [
{
"label": "\u8fd0\u884c ID",
"value": "-"
},
{
"label": "\u6f0f\u6d1e\u6761\u76ee",
"value": "vite--CVE-2025-46565"
},
{
"label": "\u72b6\u6001",
"value": "\u4eba\u5de5\u5206\u8bca"
},
{
"label": "\u963b\u585e\u539f\u56e0",
"value": "-"
}
]
},
{
"title": "Vite bypasses server.fs.deny when using ?raw??",
"summary": "\u65e0\u989d\u5916\u963b\u585e\u8bf4\u660e\u3002",
"open": false,
"badges": [
"\u4eba\u5de5\u5206\u8bca"
],
"fields": [
{
"label": "\u8fd0\u884c ID",
"value": "-"
},
{
"label": "\u6f0f\u6d1e\u6761\u76ee",
"value": "vite--CVE-2025-30208"
},
{
"label": "\u72b6\u6001",
"value": "\u4eba\u5de5\u5206\u8bca"
},
{
"label": "\u963b\u585e\u539f\u56e0",
"value": "-"
}
]
},
{
"title": "Undici has an unbounded decompression chain in HTTP responses on Node.js Fetch API via Content-Encoding leads to resource exhaustion",
"summary": "\u65e0\u989d\u5916\u963b\u585e\u8bf4\u660e\u3002",
"open": false,
"badges": [
"\u4eba\u5de5\u5206\u8bca"
],
"fields": [
{
"label": "\u8fd0\u884c ID",
"value": "-"
},
{
"label": "\u6f0f\u6d1e\u6761\u76ee",
"value": "undici--CVE-2026-22036"
},
{
"label": "\u72b6\u6001",
"value": "\u4eba\u5de5\u5206\u8bca"
},
{
"label": "\u963b\u585e\u539f\u56e0",
"value": "-"
}
]
},
{
"title": "Undici's cookie header not cleared on cross-origin redirect in fetch",
"summary": "\u65e0\u989d\u5916\u963b\u585e\u8bf4\u660e\u3002",
"open": false,
"badges": [
"\u4eba\u5de5\u5206\u8bca"
],
"fields": [
{
"label": "\u8fd0\u884c ID",
"value": "-"
},
{
"label": "\u6f0f\u6d1e\u6761\u76ee",
"value": "undici--CVE-2023-45143"
},
{
"label": "\u72b6\u6001",
"value": "\u4eba\u5de5\u5206\u8bca"
},
{
"label": "\u963b\u585e\u539f\u56e0",
"value": "-"
}
]
},
{
"title": "Use of Insufficiently Random Values in undici",
"summary": "\u65e0\u989d\u5916\u963b\u585e\u8bf4\u660e\u3002",
"open": false,
"badges": [
"\u4eba\u5de5\u5206\u8bca"
],
"fields": [
{
"label": "\u8fd0\u884c ID",
"value": "-"
},
{
"label": "\u6f0f\u6d1e\u6761\u76ee",
"value": "undici--CVE-2025-22150"
},
{
"label": "\u72b6\u6001",
"value": "\u4eba\u5de5\u5206\u8bca"
},
{
"label": "\u963b\u585e\u539f\u56e0",
"value": "-"
}
]
}


@@ -38,6 +38,7 @@ const ARTIFACT_KIND_LABELS = {
const DOC_HUB_ITEMS = [
{ title: "项目功能总览", href: "/docs/project-features.html", description: "项目定位、功能版图、自动化链路和 CLI 入口。", badge: "docs" },
{ title: "前端设计文档", href: "/docs/frontend-dashboard-design.html", description: "工作台布局、交互、折叠逻辑和视觉规范。", badge: "ui" },
{ title: "中文完整度报告", href: "/docs/testing-completeness-report.html", description: "89 条 advisory 的最新完整度、family 矩阵与 ingest 健康度。", badge: "report" },
{ title: "架构库镜像", href: "/docs/architecture-library.html", description: "当前架构库的结构化镜像页,可直接查看 JSON 真值。", badge: "architecture" },
{ title: "仓库入口镜像", href: "/docs/root-readme.html", description: "根 README 的本地镜像,包含能力矩阵与主入口。", badge: "readme" },
{ title: "授权模型", href: "/docs/authorization-model.html", description: "目标范围、授权模型、最小化验证建议和记录要求。", badge: "scope" },
@@ -50,6 +51,7 @@ const DOC_HUB_ITEMS = [
const DATA_HUB_ITEMS = [
{ title: "summary.json", href: "/summary.json", description: "全局摘要、状态分布、最近失败与系统汇总。", badge: "json" },
{ title: "completeness.json", href: "/data/completeness.json", description: "最新 advisory 完整度、系统/family 进度与 ingest 健康度。", badge: "json" },
{ title: "runs.json", href: "/runs.json", description: "最近运行的结构化详情,可用于 UI 和调试。", badge: "json" },
{ title: "systems.json", href: "/systems.json", description: "系统级覆盖、分类、更新时间和浏览器证据统计。", badge: "json" },
{ title: "advisories.json", href: "/advisories.json", description: "漏洞条目元数据、来源和 secure-code 主题。", badge: "json" },
@@ -84,6 +86,7 @@ const state = {
advisories: {},
profiles: {},
architecture: null,
completeness: null,
selectedRunId: null,
selectedArtifact: null,
refreshHandle: null,
@@ -275,15 +278,17 @@ function familyOptions() {
}
function metricCards() {
const successCount = Number(state.summary?.statuses?.["verified-real"] || 0) + Number(state.summary?.statuses?.["verified-synthetic"] || 0);
const blockedCount = sumStatuses((key) => key.startsWith("blocked"));
const inProgressCount = Math.max(Number(state.summary?.run_count || 0) - successCount - blockedCount, 0);
const completeness = state.completeness || state.summary?.completeness || {};
const successCount = Number(completeness.verified_real || 0) + Number(completeness.verified_synthetic || 0);
const blockedCount = Number(completeness.blocked || 0);
const inProgressCount = Number(completeness.manual || 0);
const advisoryTotal = Number(completeness.advisory_total || state.summary?.advisory_count || 0);
return [
{
label: "运行总数",
value: state.summary?.run_count || 0,
note: `已索引漏洞条目 ${state.summary?.advisory_count || 0} `,
label: "最新 advisory",
value: advisoryTotal,
note: `历史运行 ${state.summary?.run_count || 0} `,
color: "var(--accent-purple)",
iconName: "report"
},
@@ -297,14 +302,14 @@ function metricCards() {
{
label: "当前阻塞",
value: blockedCount,
note: "制品阻塞或破坏性风险阻塞",
note: "latest advisory 状态里的 blocked-*",
color: "var(--accent-red)",
iconName: "failure"
},
{
label: "待处理 / 进行中",
value: inProgressCount,
note: "人工分诊待补证据或未完成实证",
note: "人工分诊待补证据的 latest advisory",
color: "var(--accent-blue)",
iconName: "timeline"
}
@@ -755,6 +760,54 @@ function renderPanel(panelKey, title, meta, iconName, content) {
`;
}
function renderCompletenessPanel(panelKey, compact = false) {
const completeness = state.completeness || state.summary?.completeness || {};
const systems = (state.completeness?.systems || []).map((system) => `
<article class="plan-card">
<span class="plan-label">${escapeHtml(system.system_id)}</span>
<div class="plan-copy">${escapeHtml(`${system.verified_real}/${system.total} verified-real`)}</div>
<div class="tag-row">
${(system.families || []).map((family) => `<span class="tag">${escapeHtml(`${family.family} ${family.verified_real}/${family.total}`)}</span>`).join("")}
</div>
</article>
`).join("");
const failures = (state.completeness?.ingest_health?.failures || []).slice(0, 5);
return renderPanel(
panelKey,
"最新 advisory 完整度",
`${escapeHtml(completeness.verified_real || 0)}/${escapeHtml(completeness.advisory_total || 0)}`,
"shield",
`
<div class="detail-stat-grid">
<article class="detail-stat">
<strong>verified-real</strong>
<span>${escapeHtml(completeness.verified_real || 0)}</span>
</article>
<article class="detail-stat">
<strong>blocked</strong>
<span>${escapeHtml(completeness.blocked || 0)}</span>
</article>
<article class="detail-stat">
<strong>manual</strong>
<span>${escapeHtml(completeness.manual || 0)}</span>
</article>
<article class="detail-stat">
<strong>ingest failures</strong>
<span>${escapeHtml(state.completeness?.ingest_health?.failure_count || 0)}</span>
</article>
</div>
<div class="plan-grid" style="margin-top:16px;">${systems || `<div class="empty-state">暂无系统完整度数据。</div>`}</div>
${compact ? "" : `
<div class="detail-actions" style="margin-top:16px;">
<a class="button button-secondary" href="/docs/testing-completeness-report.html" target="_blank" rel="noreferrer">${icon("docs")}<span>打开中文报告</span></a>
<a class="button button-secondary" href="/data/completeness.json" target="_blank" rel="noreferrer">${icon("json")}<span>打开 completeness.json</span></a>
</div>
${failures.length ? `<div class="callout" style="margin-top:16px;"><strong>Ingest 未清零</strong><div class="plan-copy">${escapeHtml(failures.join(" | "))}</div></div>` : ""}
`}
`
);
}
function renderArchitectureFields(fields = []) {
if (!fields.length) return "";
return `
@@ -1061,6 +1114,7 @@ function renderRunWorkspace() {
</article>
</div>
</section>
${renderCompletenessPanel("runs_completeness", true)}
${renderPanel("timeline", "进度时间线", `${escapeHtml(run.timeline?.length || 0)}`, "timeline", `
<div class="progress-bar">${progressSegments(progress).bar}</div>
<div class="progress-legend">${progressSegments(progress).legend}</div>
@@ -1130,6 +1184,7 @@ function renderOverviewWorkspace() {
<h2 class="detail-title">按板块浏览当前工作台</h2>
<div class="detail-subtitle">根入口保留为概览页,同时新增运行、系统、架构、文档和数据的独立 URL。顶部菜单负责分类切换,搜索与筛选会同步到地址栏。</div>
</section>
${renderCompletenessPanel("overview_completeness")}
${renderPanel("overview_runs", "最新运行", `${escapeHtml(runs.length)}`, "queue", renderRunList(runs, "暂无运行数据。"))}
${renderPanel("overview_systems", "系统覆盖概览", `${escapeHtml(systems.length)} 个系统`, "systems", `<div class="system-grid">${renderSystemCards(systems)}</div>`)}
${renderArchitecturePanel()}
@@ -1195,6 +1250,7 @@ function renderDocsWorkspace() {
<h2 class="detail-title">文档入口按板块集中</h2>
<div class="detail-subtitle">不再把所有入口混在首页链接堆里。这里按说明、设计、真值镜像和 secure-code 索引集中展示。</div>
</section>
${renderCompletenessPanel("docs_completeness", true)}
${renderPanel("docs_hub", "文档与镜像页", `${escapeHtml(DOC_HUB_ITEMS.length)} 个入口`, "docs", renderHubCards(DOC_HUB_ITEMS))}
</div>
`;
@@ -1215,6 +1271,7 @@ function renderDataWorkspace() {
<h2 class="detail-title">数据入口按类型集中</h2>
<div class="detail-subtitle">summary、runs、systems、advisories、profiles、architecture 已单独归入数据中心,避免和文档、运行详情混在一个地址里。</div>
</section>
${renderCompletenessPanel("data_completeness", true)}
${renderPanel("data_hub", "JSON 与生成数据", `${escapeHtml(DATA_HUB_ITEMS.length)} 个入口`, "json", renderHubCards(DATA_HUB_ITEMS))}
</div>
`;
@@ -1416,13 +1473,14 @@ async function loadData(preserveSelection = true) {
renderSyncState("loading", "刷新中", `本地时间 ${new Date().toLocaleTimeString("zh-CN", { hour12: false })}`);
try {
const [summary, runs, systems, advisories, profiles, architecture] = await Promise.all([
const [summary, runs, systems, advisories, profiles, architecture, completeness] = await Promise.all([
fetchJson("/summary.json"),
fetchJson("/runs.json"),
fetchJson("/systems.json"),
fetchJson("/advisories.json"),
fetchJson("/profiles.json"),
fetchJson("/architecture.json")
fetchJson("/architecture.json"),
fetchJson("/data/completeness.json")
]);
state.summary = summary;
@@ -1431,6 +1489,7 @@ async function loadData(preserveSelection = true) {
state.advisories = advisories;
state.profiles = profiles;
state.architecture = architecture;
state.completeness = completeness;
const filtered = filteredRuns();
const candidate = preserveSelection ? (state.selectedRunId || previousRunId) : state.selectedRunId;
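Review bot: Adding `fetchJson("/data/completeness.json")` to the `Promise.all` in `loadData` turns a new, optional data source into a hard dependency for the whole dashboard: if that one request rejects (a missing or stale `/data/completeness.json`, assuming `fetchJson` rejects on a non-2xx response as its name suggests), summary, runs, systems, advisories and architecture are all discarded too, even though `metricCards` and `renderCompletenessPanel` already degrade via `state.completeness || state.summary?.completeness || {}`. Make that fallback reachable by tolerating only this failure, `fetchJson("/data/completeness.json").catch(() => null)`, so `state.completeness` ends up `null` and the existing fallback chain takes over instead of the whole load failing. Separately, the new `DOC_HUB_ITEMS` entry hard-codes "89 条 advisory" in a static string, which will drift from `completeness.advisory_total` on the next regeneration; consider dropping the count from the description or deriving it from `state.completeness` at render time. The `loadData` function starts and ends outside the visible hunks.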


@@ -87,7 +87,7 @@
<h1>当前架构库镜像</h1>
<div class="meta">工作台内置镜像页:当前架构库结构化数据镜像。</div>
<pre>{
&quot;generated_at&quot;: &quot;2026-03-18T01:29:52+00:00&quot;,
&quot;generated_at&quot;: &quot;2026-03-18T03:59:28+00:00&quot;,
&quot;title&quot;: &quot;当前架构库&quot;,
&quot;summary&quot;: &quot;工作台、控制面、数据层、授权边界与系统覆盖的当前真值视图。&quot;,
&quot;sections&quot;: [
@@ -115,11 +115,11 @@
},
{
&quot;label&quot;: &quot;当前运行&quot;,
&quot;value&quot;: &quot;11&quot;
&quot;value&quot;: &quot;114&quot;
},
{
&quot;label&quot;: &quot;当前漏洞条目&quot;,
&quot;value&quot;: &quot;80&quot;
&quot;value&quot;: &quot;89&quot;
}
],
&quot;fields&quot;: [
@@ -137,7 +137,7 @@
},
{
&quot;label&quot;: &quot;生成时间&quot;,
&quot;value&quot;: &quot;2026-03-18T01:29:52+00:00&quot;
&quot;value&quot;: &quot;2026-03-18T03:59:28+00:00&quot;
}
],
&quot;links&quot;: [
@@ -331,6 +331,11 @@
&quot;href&quot;: &quot;/docs/frontend-dashboard-design.html&quot;,
&quot;description&quot;: &quot;当前本地工作台的交互与视觉规范。&quot;
},
{
&quot;label&quot;: &quot;完整度报告&quot;,
&quot;href&quot;: &quot;/docs/testing-completeness-report.html&quot;,
&quot;description&quot;: &quot;89 条 advisory 的最新完整度中文报告。&quot;
},
{
&quot;label&quot;: &quot;安全编码索引&quot;,
&quot;href&quot;: &quot;/docs/secure-code-index.html&quot;,
@@ -376,6 +381,11 @@
&quot;href&quot;: &quot;/summary.json&quot;,
&quot;description&quot;: &quot;全局摘要、状态分布和最近失败。&quot;
},
{
&quot;label&quot;: &quot;completeness.json&quot;,
&quot;href&quot;: &quot;/data/completeness.json&quot;,
&quot;description&quot;: &quot;最新 advisory 完整度、系统/family 进度与 ingest 健康度。&quot;
},
{
&quot;label&quot;: &quot;runs.json&quot;,
&quot;href&quot;: &quot;/runs.json&quot;,
@@ -5931,19 +5941,19 @@
&quot;stats&quot;: [
{
&quot;label&quot;: &quot;Run 数&quot;,
&quot;value&quot;: &quot;11&quot;
&quot;value&quot;: &quot;114&quot;
},
{
&quot;label&quot;: &quot;Advisory 数&quot;,
&quot;value&quot;: &quot;80&quot;
&quot;value&quot;: &quot;89&quot;
},
{
&quot;label&quot;: &quot;状态类型&quot;,
&quot;value&quot;: &quot;3&quot;
&quot;value&quot;: &quot;2&quot;
},
{
&quot;label&quot;: &quot;最近失败&quot;,
&quot;value&quot;: &quot;3&quot;
&quot;value&quot;: &quot;20&quot;
}
],
&quot;items&quot;: [
@@ -5954,7 +5964,7 @@
&quot;items&quot;: [
{
&quot;title&quot;: &quot;真实版本已实证&quot;,
&quot;summary&quot;: &quot;当前累计 8 条。&quot;,
&quot;summary&quot;: &quot;当前累计 67 条。&quot;,
&quot;open&quot;: false,
&quot;fields&quot;: [
{
@@ -5963,28 +5973,13 @@
},
{
&quot;label&quot;: &quot;数量&quot;,
&quot;value&quot;: &quot;8&quot;
}
]
},
{
&quot;title&quot;: &quot;制品阻塞&quot;,
&quot;summary&quot;: &quot;当前累计 2 条。&quot;,
&quot;open&quot;: false,
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;状态编码&quot;,
&quot;value&quot;: &quot;blocked-artifact&quot;
},
{
&quot;label&quot;: &quot;数量&quot;,
&quot;value&quot;: &quot;2&quot;
&quot;value&quot;: &quot;67&quot;
}
]
},
{
&quot;title&quot;: &quot;人工分诊&quot;,
&quot;summary&quot;: &quot;当前累计 1 条。&quot;,
&quot;summary&quot;: &quot;当前累计 22 条。&quot;,
&quot;open&quot;: false,
&quot;fields&quot;: [
{
@@ -5993,7 +5988,7 @@
},
{
&quot;label&quot;: &quot;数量&quot;,
&quot;value&quot;: &quot;1&quot;
&quot;value&quot;: &quot;22&quot;
}
]
}
@@ -6005,60 +6000,8 @@
&quot;open&quot;: false,
&quot;items&quot;: [
{
&quot;title&quot;: &quot;gitea--CVE-2025-68939&quot;,
&quot;summary&quot;: &quot;unable to get image &#x27;gitea/gitea:1.22.6&#x27;: Cannot connect to the Docker daemon at unix:///Users/x/.docker/run/docker.sock. Is the docker daemon running?&quot;,
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;制品阻塞&quot;
],
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;运行 ID&quot;,
&quot;value&quot;: &quot;gitea-livecheck-20260316&quot;
},
{
&quot;label&quot;: &quot;漏洞条目&quot;,
&quot;value&quot;: &quot;gitea--CVE-2025-68939&quot;
},
{
&quot;label&quot;: &quot;状态&quot;,
&quot;value&quot;: &quot;制品阻塞&quot;
},
{
&quot;label&quot;: &quot;阻塞原因&quot;,
&quot;value&quot;: &quot;unable to get image &#x27;gitea/gitea:1.22.6&#x27;: Cannot connect to the Docker daemon at unix:///Users/x/.docker/run/docker.sock. Is the docker daemon running?&quot;
}
]
},
{
&quot;title&quot;: &quot;gitea--CVE-2025-68939&quot;,
&quot;summary&quot;: &quot;unable to get image &#x27;gitea/gitea:1.22.6&#x27;: Cannot connect to the Docker daemon at unix:///Users/x/.docker/run/docker.sock. Is the docker daemon running?&quot;,
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;制品阻塞&quot;
],
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;运行 ID&quot;,
&quot;value&quot;: &quot;gitea-gitea--CVE-2025-68939-20260317063330&quot;
},
{
&quot;label&quot;: &quot;漏洞条目&quot;,
&quot;value&quot;: &quot;gitea--CVE-2025-68939&quot;
},
{
&quot;label&quot;: &quot;状态&quot;,
&quot;value&quot;: &quot;制品阻塞&quot;
},
{
&quot;label&quot;: &quot;阻塞原因&quot;,
&quot;value&quot;: &quot;unable to get image &#x27;gitea/gitea:1.22.6&#x27;: Cannot connect to the Docker daemon at unix:///Users/x/.docker/run/docker.sock. Is the docker daemon running?&quot;
}
]
},
{
&quot;title&quot;: &quot;nextjs--CVE-2025-29927&quot;,
&quot;summary&quot;: &quot;dry-run only&quot;,
&quot;title&quot;: &quot;Undici has an HTTP Request/Response Smuggling issue&quot;,
&quot;summary&quot;: &quot;无额外阻塞说明。&quot;,
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;人工分诊&quot;
@@ -6066,11 +6009,11 @@
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;运行 ID&quot;,
&quot;value&quot;: &quot;nextjs-nextjs--CVE-2025-29927-20260317063047&quot;
&quot;value&quot;: &quot;-&quot;
},
{
&quot;label&quot;: &quot;漏洞条目&quot;,
&quot;value&quot;: &quot;nextjs--CVE-2025-29927&quot;
&quot;value&quot;: &quot;undici--CVE-2026-1525&quot;
},
{
&quot;label&quot;: &quot;状态&quot;,
@@ -6078,7 +6021,501 @@
},
{
&quot;label&quot;: &quot;阻塞原因&quot;,
&quot;value&quot;: &quot;dry-run only&quot;
&quot;value&quot;: &quot;-&quot;
}
]
},
{
&quot;title&quot;: &quot;Undici: Malicious WebSocket 64-bit length overflows parser and crashes the client&quot;,
&quot;summary&quot;: &quot;无额外阻塞说明。&quot;,
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;人工分诊&quot;
],
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;运行 ID&quot;,
&quot;value&quot;: &quot;-&quot;
},
{
&quot;label&quot;: &quot;漏洞条目&quot;,
&quot;value&quot;: &quot;undici--CVE-2026-1528&quot;
},
{
&quot;label&quot;: &quot;状态&quot;,
&quot;value&quot;: &quot;人工分诊&quot;
},
{
&quot;label&quot;: &quot;阻塞原因&quot;,
&quot;value&quot;: &quot;-&quot;
}
]
},
{
&quot;title&quot;: &quot;ProxyAgent vulnerable to MITM&quot;,
&quot;summary&quot;: &quot;无额外阻塞说明。&quot;,
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;人工分诊&quot;
],
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;运行 ID&quot;,
&quot;value&quot;: &quot;-&quot;
},
{
&quot;label&quot;: &quot;漏洞条目&quot;,
&quot;value&quot;: &quot;undici--CVE-2022-32210&quot;
},
{
&quot;label&quot;: &quot;状态&quot;,
&quot;value&quot;: &quot;人工分诊&quot;
},
{
&quot;label&quot;: &quot;阻塞原因&quot;,
&quot;value&quot;: &quot;-&quot;
}
]
},
{
&quot;title&quot;: &quot;Undici has Unhandled Exception in WebSocket Client Due to Invalid server_max_window_bits Validation&quot;,
&quot;summary&quot;: &quot;无额外阻塞说明。&quot;,
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;人工分诊&quot;
],
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;运行 ID&quot;,
&quot;value&quot;: &quot;-&quot;
},
{
&quot;label&quot;: &quot;漏洞条目&quot;,
&quot;value&quot;: &quot;undici--CVE-2026-2229&quot;
},
{
&quot;label&quot;: &quot;状态&quot;,
&quot;value&quot;: &quot;人工分诊&quot;
},
{
&quot;label&quot;: &quot;阻塞原因&quot;,
&quot;value&quot;: &quot;-&quot;
}
]
},
{
&quot;title&quot;: &quot;Undici has CRLF Injection in undici via `upgrade` option&quot;,
&quot;summary&quot;: &quot;无额外阻塞说明。&quot;,
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;人工分诊&quot;
],
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;运行 ID&quot;,
&quot;value&quot;: &quot;-&quot;
},
{
&quot;label&quot;: &quot;漏洞条目&quot;,
&quot;value&quot;: &quot;undici--CVE-2026-1527&quot;
},
{
&quot;label&quot;: &quot;状态&quot;,
&quot;value&quot;: &quot;人工分诊&quot;
},
{
&quot;label&quot;: &quot;阻塞原因&quot;,
&quot;value&quot;: &quot;-&quot;
}
]
},
{
&quot;title&quot;: &quot;Undici has Unbounded Memory Consumption in WebSocket permessage-deflate Decompression&quot;,
&quot;summary&quot;: &quot;无额外阻塞说明。&quot;,
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;人工分诊&quot;
],
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;运行 ID&quot;,
&quot;value&quot;: &quot;-&quot;
},
{
&quot;label&quot;: &quot;漏洞条目&quot;,
&quot;value&quot;: &quot;undici--CVE-2026-1526&quot;
},
{
&quot;label&quot;: &quot;状态&quot;,
&quot;value&quot;: &quot;人工分诊&quot;
},
{
&quot;label&quot;: &quot;阻塞原因&quot;,
&quot;value&quot;: &quot;-&quot;
}
]
},
{
&quot;title&quot;: &quot;Undici has Unbounded Memory Consumption in its DeduplicationHandler via Response Buffering that leads to DoS&quot;,
&quot;summary&quot;: &quot;无额外阻塞说明。&quot;,
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;人工分诊&quot;
],
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;运行 ID&quot;,
&quot;value&quot;: &quot;-&quot;
},
{
&quot;label&quot;: &quot;漏洞条目&quot;,
&quot;value&quot;: &quot;undici--CVE-2026-2581&quot;
},
{
&quot;label&quot;: &quot;状态&quot;,
&quot;value&quot;: &quot;人工分诊&quot;
},
{
&quot;label&quot;: &quot;阻塞原因&quot;,
&quot;value&quot;: &quot;-&quot;
}
]
},
{
&quot;title&quot;: &quot;undici Denial of Service attack via bad certificate data&quot;,
&quot;summary&quot;: &quot;无额外阻塞说明。&quot;,
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;人工分诊&quot;
],
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;运行 ID&quot;,
&quot;value&quot;: &quot;-&quot;
},
{
&quot;label&quot;: &quot;漏洞条目&quot;,
&quot;value&quot;: &quot;undici--CVE-2025-47279&quot;
},
{
&quot;label&quot;: &quot;状态&quot;,
&quot;value&quot;: &quot;人工分诊&quot;
},
{
&quot;label&quot;: &quot;阻塞原因&quot;,
&quot;value&quot;: &quot;-&quot;
}
]
},
{
&quot;title&quot;: &quot;Vite has a `server.fs.deny` bypassed for `inline` and `raw` with `?import` query&quot;,
&quot;summary&quot;: &quot;无额外阻塞说明。&quot;,
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;人工分诊&quot;
],
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;运行 ID&quot;,
&quot;value&quot;: &quot;-&quot;
},
{
&quot;label&quot;: &quot;漏洞条目&quot;,
&quot;value&quot;: &quot;vite--CVE-2025-31125&quot;
},
{
&quot;label&quot;: &quot;状态&quot;,
&quot;value&quot;: &quot;人工分诊&quot;
},
{
&quot;label&quot;: &quot;阻塞原因&quot;,
&quot;value&quot;: &quot;-&quot;
}
]
},
{
&quot;title&quot;: &quot;Vite&#x27;s `server.fs` settings were not applied to HTML files&quot;,
&quot;summary&quot;: &quot;无额外阻塞说明。&quot;,
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;人工分诊&quot;
],
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;运行 ID&quot;,
&quot;value&quot;: &quot;-&quot;
},
{
&quot;label&quot;: &quot;漏洞条目&quot;,
&quot;value&quot;: &quot;vite--CVE-2025-58752&quot;
},
{
&quot;label&quot;: &quot;状态&quot;,
&quot;value&quot;: &quot;人工分诊&quot;
},
{
&quot;label&quot;: &quot;阻塞原因&quot;,
&quot;value&quot;: &quot;-&quot;
}
]
},
{
&quot;title&quot;: &quot;Vite middleware may serve files starting with the same name with the public directory&quot;,
&quot;summary&quot;: &quot;无额外阻塞说明。&quot;,
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;人工分诊&quot;
],
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;运行 ID&quot;,
&quot;value&quot;: &quot;-&quot;
},
{
&quot;label&quot;: &quot;漏洞条目&quot;,
&quot;value&quot;: &quot;vite--CVE-2025-58751&quot;
},
{
&quot;label&quot;: &quot;状态&quot;,
&quot;value&quot;: &quot;人工分诊&quot;
},
{
&quot;label&quot;: &quot;阻塞原因&quot;,
&quot;value&quot;: &quot;-&quot;
}
]
},
{
&quot;title&quot;: &quot;vite allows server.fs.deny bypass via backslash on Windows&quot;,
&quot;summary&quot;: &quot;无额外阻塞说明。&quot;,
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;人工分诊&quot;
],
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;运行 ID&quot;,
&quot;value&quot;: &quot;-&quot;
},
{
&quot;label&quot;: &quot;漏洞条目&quot;,
&quot;value&quot;: &quot;vite--CVE-2025-62522&quot;
},
{
&quot;label&quot;: &quot;状态&quot;,
&quot;value&quot;: &quot;人工分诊&quot;
},
{
&quot;label&quot;: &quot;阻塞原因&quot;,
&quot;value&quot;: &quot;-&quot;
}
]
},
{
&quot;title&quot;: &quot;Vite has an `server.fs.deny` bypass with an invalid `request-target`&quot;,
&quot;summary&quot;: &quot;无额外阻塞说明。&quot;,
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;人工分诊&quot;
],
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;运行 ID&quot;,
&quot;value&quot;: &quot;-&quot;
},
{
&quot;label&quot;: &quot;漏洞条目&quot;,
&quot;value&quot;: &quot;vite--CVE-2025-32395&quot;
},
{
&quot;label&quot;: &quot;状态&quot;,
&quot;value&quot;: &quot;人工分诊&quot;
},
{
&quot;label&quot;: &quot;阻塞原因&quot;,
&quot;value&quot;: &quot;-&quot;
}
]
},
{
&quot;title&quot;: &quot;Vite&#x27;s `server.fs.deny` is bypassed when using `?import&amp;raw`&quot;,
&quot;summary&quot;: &quot;无额外阻塞说明。&quot;,
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;人工分诊&quot;
],
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;运行 ID&quot;,
&quot;value&quot;: &quot;-&quot;
},
{
&quot;label&quot;: &quot;漏洞条目&quot;,
&quot;value&quot;: &quot;vite--CVE-2024-45811&quot;
},
{
&quot;label&quot;: &quot;状态&quot;,
&quot;value&quot;: &quot;人工分诊&quot;
},
{
&quot;label&quot;: &quot;阻塞原因&quot;,
&quot;value&quot;: &quot;-&quot;
}
]
},
{
&quot;title&quot;: &quot;Vite allows server.fs.deny to be bypassed with .svg or relative paths&quot;,
&quot;summary&quot;: &quot;无额外阻塞说明。&quot;,
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;人工分诊&quot;
],
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;运行 ID&quot;,
&quot;value&quot;: &quot;-&quot;
},
{
&quot;label&quot;: &quot;漏洞条目&quot;,
&quot;value&quot;: &quot;vite--CVE-2025-31486&quot;
},
{
&quot;label&quot;: &quot;状态&quot;,
&quot;value&quot;: &quot;人工分诊&quot;
},
{
&quot;label&quot;: &quot;阻塞原因&quot;,
&quot;value&quot;: &quot;-&quot;
}
]
},
{
&quot;title&quot;: &quot;Vite&#x27;s server.fs.deny bypassed with /. for files under project root&quot;,
&quot;summary&quot;: &quot;无额外阻塞说明。&quot;,
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;人工分诊&quot;
],
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;运行 ID&quot;,
&quot;value&quot;: &quot;-&quot;
},
{
&quot;label&quot;: &quot;漏洞条目&quot;,
&quot;value&quot;: &quot;vite--CVE-2025-46565&quot;
},
{
&quot;label&quot;: &quot;状态&quot;,
&quot;value&quot;: &quot;人工分诊&quot;
},
{
&quot;label&quot;: &quot;阻塞原因&quot;,
&quot;value&quot;: &quot;-&quot;
}
]
},
{
&quot;title&quot;: &quot;Vite bypasses server.fs.deny when using ?raw??&quot;,
&quot;summary&quot;: &quot;无额外阻塞说明。&quot;,
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;人工分诊&quot;
],
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;运行 ID&quot;,
&quot;value&quot;: &quot;-&quot;
},
{
&quot;label&quot;: &quot;漏洞条目&quot;,
&quot;value&quot;: &quot;vite--CVE-2025-30208&quot;
},
{
&quot;label&quot;: &quot;状态&quot;,
&quot;value&quot;: &quot;人工分诊&quot;
},
{
&quot;label&quot;: &quot;阻塞原因&quot;,
&quot;value&quot;: &quot;-&quot;
}
]
},
{
&quot;title&quot;: &quot;Undici has an unbounded decompression chain in HTTP responses on Node.js Fetch API via Content-Encoding leads to resource exhaustion&quot;,
&quot;summary&quot;: &quot;无额外阻塞说明。&quot;,
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;人工分诊&quot;
],
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;运行 ID&quot;,
&quot;value&quot;: &quot;-&quot;
},
{
&quot;label&quot;: &quot;漏洞条目&quot;,
&quot;value&quot;: &quot;undici--CVE-2026-22036&quot;
},
{
&quot;label&quot;: &quot;状态&quot;,
&quot;value&quot;: &quot;人工分诊&quot;
},
{
&quot;label&quot;: &quot;阻塞原因&quot;,
&quot;value&quot;: &quot;-&quot;
}
]
},
{
&quot;title&quot;: &quot;Undici&#x27;s cookie header not cleared on cross-origin redirect in fetch&quot;,
&quot;summary&quot;: &quot;无额外阻塞说明。&quot;,
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;人工分诊&quot;
],
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;运行 ID&quot;,
&quot;value&quot;: &quot;-&quot;
},
{
&quot;label&quot;: &quot;漏洞条目&quot;,
&quot;value&quot;: &quot;undici--CVE-2023-45143&quot;
},
{
&quot;label&quot;: &quot;状态&quot;,
&quot;value&quot;: &quot;人工分诊&quot;
},
{
&quot;label&quot;: &quot;阻塞原因&quot;,
&quot;value&quot;: &quot;-&quot;
}
]
},
{
&quot;title&quot;: &quot;Use of Insufficiently Random Values in undici&quot;,
&quot;summary&quot;: &quot;无额外阻塞说明。&quot;,
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;人工分诊&quot;
],
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;运行 ID&quot;,
&quot;value&quot;: &quot;-&quot;
},
{
&quot;label&quot;: &quot;漏洞条目&quot;,
&quot;value&quot;: &quot;undici--CVE-2025-22150&quot;
},
{
&quot;label&quot;: &quot;状态&quot;,
&quot;value&quot;: &quot;人工分诊&quot;
},
{
&quot;label&quot;: &quot;阻塞原因&quot;,
&quot;value&quot;: &quot;-&quot;
}
]
}


@@ -109,7 +109,7 @@
| Flask | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Ghost | `cms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Gin | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Gitea | `platforms` | `rolling-24m` | `-` | `yes` | `30` | `30` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-03-03T04:57:57.697708Z` |
| Gitea | `platforms` | `rolling-24m` | `-` | `yes` | `37` | `37` | `3` | `seeded` | `real:37/synthetic:0/blocked:0` | `33` | `37` | `0` | `2026-03-03T04:57:57.697708Z` |
| GitLab CE | `platforms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Grafana | `platforms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Hapi | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
@@ -125,7 +125,7 @@
| Medusa | `ecommerce` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Moodle | `cms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| NestJS | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Next.js | `frameworks` | `history-full` | `yes` | `yes` | `24` | `24` | `3` | `seeded` | `real:1/synthetic:0/blocked:0` | `0` | `1` | `0` | `2026-03-13T22:00:36.554552Z` |
| Next.js | `frameworks` | `history-full` | `yes` | `yes` | `26` | `26` | `3` | `seeded` | `real:26/synthetic:0/blocked:0` | `21` | `26` | `0` | `2026-03-13T22:14:13.665535Z` |
| Nginx | `servers` | `history-full` | `yes` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Node.js | `frameworks` | `history-full` | `yes` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Nuxt | `frameworks` | `history-full` | `yes` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
@@ -145,8 +145,8 @@
| SvelteKit | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Symfony | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Traefik | `servers` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Undici | `frameworks` | `rolling-24m` | `-` | `yes` | `14` | `14` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-03-14T09:19:54.772219Z` |
| Vite | `frameworks` | `history-full` | `yes` | `yes` | `12` | `12` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-02-04T04:37:24.129476Z` |
| Undici | `frameworks` | `rolling-24m` | `-` | `yes` | `14` | `14` | `2` | `seeded` | `real:1/synthetic:0/blocked:0` | `0` | `1` | `0` | `2026-03-14T09:19:54.772219Z` |
| Vite | `frameworks` | `history-full` | `yes` | `yes` | `12` | `12` | `3` | `seeded` | `real:3/synthetic:0/blocked:0` | `3` | `3` | `0` | `2026-02-04T04:37:24.129476Z` |
| Vue | `frameworks` | `history-full` | `yes` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| webpack | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Werkzeug | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |


@@ -0,0 +1,134 @@
<!doctype html>
<html lang="zh-CN">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>中文完整度报告</title>
<style>
:root {
--bg: #08111f;
--panel: rgba(9, 18, 32, 0.9);
--border: rgba(137, 171, 214, 0.2);
--text: #f7fafc;
--muted: #9fb3ca;
--accent: #5eead4;
}
* { box-sizing: border-box; }
body {
margin: 0;
min-height: 100vh;
font-family: "IBM Plex Sans", "Segoe UI", sans-serif;
color: var(--text);
background:
radial-gradient(circle at top left, rgba(94, 234, 212, 0.12), transparent 26%),
linear-gradient(160deg, #050c16 0%, #091526 50%, #10233d 100%);
}
main {
max-width: 1080px;
margin: 0 auto;
padding: 32px 20px 40px;
}
.panel {
background: var(--panel);
border: 1px solid var(--border);
border-radius: 20px;
padding: 24px;
box-shadow: 0 24px 80px rgba(1, 7, 20, 0.45);
}
.actions {
display: flex;
flex-wrap: wrap;
gap: 12px;
margin-bottom: 18px;
}
.chip {
display: inline-flex;
align-items: center;
gap: 8px;
border-radius: 999px;
border: 1px solid var(--border);
padding: 10px 14px;
color: var(--text);
background: rgba(255,255,255,0.05);
text-decoration: none;
}
.chip:hover { border-color: rgba(94, 234, 212, 0.42); }
h1 {
margin: 0 0 12px;
font-family: "IBM Plex Serif", Georgia, serif;
font-size: clamp(1.8rem, 4vw, 3rem);
line-height: 1.08;
}
.meta {
color: var(--muted);
margin-bottom: 18px;
}
pre {
margin: 0;
padding: 20px;
overflow: auto;
border-radius: 16px;
border: 1px solid rgba(137, 171, 214, 0.12);
background: rgba(2, 8, 22, 0.84);
color: #d6e5f5;
font-family: "IBM Plex Mono", "SFMono-Regular", monospace;
font-size: 0.92rem;
line-height: 1.6;
white-space: pre-wrap;
}
</style>
</head>
<body>
<main>
<div class="panel">
<div class="actions">
<a class="chip" href="/overview/index.html">返回工作台</a>
</div>
<h1>中文完整度报告</h1>
<div class="meta">工作台内置镜像页89 条 advisory 最新完整度、family 矩阵与 ingest 健康度。</div>
<pre># 全库 Advisory 完整度报告
- 生成时间: `2026-03-18T03:59:28+00:00`
- 最新 advisory 完整度: `67/89` `verified-real`
- 合成验证数量: `0`
- 阻塞数量: `0`
- 人工/待补证据数量: `22`
- 完整度百分比: `75.3%`
## 系统覆盖矩阵
| 系统 | 总数 | verified-real | verified-synthetic | blocked | manual | family 覆盖 |
| --- | ---: | ---: | ---: | ---: | ---: | --- |
| gitea | 37 | 37 | 0 | 0 | 0 | authz-bypass(3/3), file-upload(2/2), proxy-boundary(26/26), ssrf(1/1), xss(5/5) |
| nextjs | 26 | 26 | 0 | 0 | 0 | authz-bypass(2/2), deserialization(1/1), proxy-boundary(19/19), ssrf(2/2), xss(2/2) |
| undici | 14 | 1 | 0 | 0 | 13 | ssrf(1/14) |
| vite | 12 | 3 | 0 | 0 | 9 | file-upload(0/9), proxy-boundary(2/2), xss(1/1) |
## 历史阻塞项修复纪要
- Docker daemon unavailable caused provision-compose-environment blocked-artifact.
- Family profiles previously used note-only attack runners and dry-run placeholders.
- Baseline and browser steps were skipped when environment readiness was not enforced.
- Latest completeness now uses one advisory -&gt; latest run semantics instead of historical run piles.
## Ingest / Source 健康度
- source failures: `7`
- wordpress::NVD WordPress::SSLError
- wordpress::WPScan Vulnerability Database::SSLError
- wordpress::PortSwigger Research::SSLError
- magento-open-source::Magento GitHub Advisories::SSLError
- nodejs::Node.js Security Releases::SSLError
- nginx::NGINX Security Advisories::SSLError
- gitea::GitHub Gitea Advisories::SSLError
## 剩余风险说明
- 本报告按 advisory 的最新 run 计算;历史失败 run 仅保留审计价值,不再污染完整度数字。
- `browser_required=true` 的案例必须同时存在基线与攻击后浏览器证据,缺失则不会进入 `verified-real`。
- source collector 健康度单独计数;只有当 failures 归零时,报告与 dashboard 才算真正全绿。
</pre>
</div>
</main>
</body>
</html>


@@ -11,6 +11,7 @@
"success_criteria": [
"Protected route or action is evaluated with controlled credentials and logged."
],
"success_assertions": [],
"seed_actions": [
{
"kind": "note",
@@ -26,6 +27,8 @@
"browser_assertions": {
"required": false
},
"runner_id": null,
"fixture_path": null,
"allowed_target_types": [
"lab-local",
"lab-public",
@@ -47,6 +50,7 @@
"success_criteria": [
"Deserialization path is confirmed without executing destructive gadget chains."
],
"success_assertions": [],
"seed_actions": [
{
"kind": "note",
@@ -62,6 +66,8 @@
"browser_assertions": {
"required": false
},
"runner_id": null,
"fixture_path": null,
"allowed_target_types": [
"lab-local",
"lab-public",
@@ -83,6 +89,7 @@
"success_criteria": [
"Upload acceptance or bypass path is demonstrated with reversible test artifacts."
],
"success_assertions": [],
"seed_actions": [
{
"kind": "note",
@@ -98,6 +105,8 @@
"browser_assertions": {
"required": true
},
"runner_id": null,
"fixture_path": null,
"allowed_target_types": [
"lab-local",
"lab-public",
@@ -119,6 +128,7 @@
"success_criteria": [
"Misconfiguration indicator is captured with HTTP or server evidence."
],
"success_assertions": [],
"seed_actions": [
{
"kind": "note",
@@ -144,6 +154,8 @@
"browser_assertions": {
"required": false
},
"runner_id": null,
"fixture_path": null,
"allowed_target_types": [
"lab-local",
"lab-public",
@@ -165,6 +177,7 @@
"success_criteria": [
"Marker file outside intended root becomes reachable or denial path is confirmed."
],
"success_assertions": [],
"seed_actions": [
{
"kind": "note",
@@ -180,6 +193,8 @@
"browser_assertions": {
"required": false
},
"runner_id": null,
"fixture_path": null,
"allowed_target_types": [
"lab-local",
"lab-public",
@@ -201,6 +216,7 @@
"success_criteria": [
"Extension-specific attack path is demonstrated or blocked with artifact evidence."
],
"success_assertions": [],
"seed_actions": [
{
"kind": "note",
@@ -216,6 +232,8 @@
"browser_assertions": {
"required": true
},
"runner_id": null,
"fixture_path": null,
"allowed_target_types": [
"lab-local",
"lab-public",
@@ -237,6 +255,7 @@
"success_criteria": [
"Header trust discrepancy is captured with upstream/downstream logs."
],
"success_assertions": [],
"seed_actions": [
{
"kind": "note",
@@ -252,6 +271,8 @@
"browser_assertions": {
"required": false
},
"runner_id": null,
"fixture_path": null,
"allowed_target_types": [
"lab-local",
"lab-public",
@@ -273,6 +294,7 @@
"success_criteria": [
"Proxy and backend parse disagreement is captured in evidence."
],
"success_assertions": [],
"seed_actions": [
{
"kind": "note",
@@ -288,6 +310,8 @@
"browser_assertions": {
"required": false
},
"runner_id": null,
"fixture_path": null,
"allowed_target_types": [
"lab-local",
"lab-public",
@@ -309,6 +333,7 @@
"success_criteria": [
"Cookie, storage or fixation issue is captured with browser and header evidence."
],
"success_assertions": [],
"seed_actions": [
{
"kind": "note",
@@ -334,6 +359,8 @@
"browser_assertions": {
"required": true
},
"runner_id": null,
"fixture_path": null,
"allowed_target_types": [
"lab-local",
"lab-public",
@@ -355,6 +382,7 @@
"success_criteria": [
"Time-based or error-based probe lands with non-destructive evidence."
],
"success_assertions": [],
"seed_actions": [
{
"kind": "note",
@@ -380,6 +408,8 @@
"browser_assertions": {
"required": false
},
"runner_id": null,
"fixture_path": null,
"allowed_target_types": [
"lab-local",
"lab-public",
@@ -401,6 +431,7 @@
"success_criteria": [
"Request sink receives expected callback without crossing authorization boundaries."
],
"success_assertions": [],
"seed_actions": [
{
"kind": "note",
@@ -416,6 +447,8 @@
"browser_assertions": {
"required": false
},
"runner_id": null,
"fixture_path": null,
"allowed_target_types": [
"lab-local",
"lab-public",
@@ -437,6 +470,7 @@
"success_criteria": [
"Template evaluation path is proven with harmless marker output."
],
"success_assertions": [],
"seed_actions": [
{
"kind": "note",
@@ -452,6 +486,8 @@
"browser_assertions": {
"required": false
},
"runner_id": null,
"fixture_path": null,
"allowed_target_types": [
"lab-local",
"lab-public",
@@ -473,6 +509,7 @@
"success_criteria": [
"Browser evidence confirms payload reflection or DOM sink execution path."
],
"success_assertions": [],
"seed_actions": [
{
"kind": "note",
@@ -501,6 +538,8 @@
"required": true,
"strategy": "reflect-or-render"
},
"runner_id": null,
"fixture_path": null,
"allowed_target_types": [
"lab-local",
"lab-public",
@@ -522,6 +561,16 @@
"success_criteria": [
"Controlled guest request reaches the protected admin route inside the fixture."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
}
],
"seed_actions": [
{
"kind": "note",
@@ -537,6 +586,8 @@
"browser_assertions": {
"required": false
},
"runner_id": "gitea.authz-bypass",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/gitea/authz-bypass",
"allowed_target_types": [
"lab-local"
],
@@ -556,6 +607,20 @@
"success_criteria": [
"Inert upload marker is accepted and listed on the proof page."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
},
{
"name": "browser-present",
"type": "browser-present"
}
],
"seed_actions": [
{
"kind": "note",
@@ -571,6 +636,8 @@
"browser_assertions": {
"required": true
},
"runner_id": "gitea.file-upload",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/gitea/file-upload",
"allowed_target_types": [
"lab-local"
],
@@ -590,6 +657,20 @@
"success_criteria": [
"Local fixture proves trusted proxy headers cross the admin boundary."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
},
{
"name": "browser-present",
"type": "browser-present"
}
],
"seed_actions": [
{
"kind": "note",
@@ -605,6 +686,8 @@
"browser_assertions": {
"required": true
},
"runner_id": "gitea.proxy-boundary",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/gitea/proxy-boundary",
"allowed_target_types": [
"lab-local"
],
@@ -624,6 +707,16 @@
"success_criteria": [
"Server-side callback reaches the local sink and is recorded in proof output."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
}
],
"seed_actions": [
{
"kind": "note",
@@ -639,6 +732,8 @@
"browser_assertions": {
"required": false
},
"runner_id": "gitea.ssrf",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/gitea/ssrf",
"allowed_target_types": [
"lab-local"
],
@@ -658,6 +753,20 @@
"success_criteria": [
"Browser proof page renders the stored XSS marker after the controlled payload."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
},
{
"name": "browser-present",
"type": "browser-present"
}
],
"seed_actions": [
{
"kind": "note",
@@ -673,6 +782,8 @@
"browser_assertions": {
"required": true
},
"runner_id": "gitea.xss",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/gitea/xss",
"allowed_target_types": [
"lab-local"
],
@@ -692,6 +803,16 @@
"success_criteria": [
"Protected route is reachable only after the controlled bypass proof step."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
}
],
"seed_actions": [
{
"kind": "note",
@@ -707,6 +828,8 @@
"browser_assertions": {
"required": false
},
"runner_id": "nextjs.authz-bypass",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/nextjs/authz-bypass",
"allowed_target_types": [
"lab-local"
],
@@ -726,6 +849,16 @@
"success_criteria": [
"Inert decoded object marker is present without executing a gadget chain."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
}
],
"seed_actions": [
{
"kind": "note",
@@ -741,6 +874,8 @@
"browser_assertions": {
"required": false
},
"runner_id": "nextjs.deserialization",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/nextjs/deserialization",
"allowed_target_types": [
"lab-local"
],
@@ -760,6 +895,20 @@
"success_criteria": [
"Middleware trust-boundary proof is visible on the browser proof page."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
},
{
"name": "browser-present",
"type": "browser-present"
}
],
"seed_actions": [
{
"kind": "note",
@@ -775,6 +924,8 @@
"browser_assertions": {
"required": true
},
"runner_id": "nextjs.proxy-boundary",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/nextjs/proxy-boundary",
"allowed_target_types": [
"lab-local"
],
@@ -794,6 +945,16 @@
"success_criteria": [
"Local sink callback is observed from the server-side fetch path."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
}
],
"seed_actions": [
{
"kind": "note",
@@ -809,6 +970,8 @@
"browser_assertions": {
"required": false
},
"runner_id": "nextjs.ssrf",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/nextjs/ssrf",
"allowed_target_types": [
"lab-local"
],
@@ -828,6 +991,20 @@
"success_criteria": [
"Browser proof page shows the XSS execution marker after the controlled payload."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
},
{
"name": "browser-present",
"type": "browser-present"
}
],
"seed_actions": [
{
"kind": "note",
@@ -843,6 +1020,8 @@
"browser_assertions": {
"required": true
},
"runner_id": "nextjs.xss",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/nextjs/xss",
"allowed_target_types": [
"lab-local"
],
@@ -862,6 +1041,16 @@
"success_criteria": [
"SSRF proof endpoint confirms only local sink callbacks were performed."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
}
],
"seed_actions": [
{
"kind": "note",
@@ -877,6 +1066,8 @@
"browser_assertions": {
"required": false
},
"runner_id": "undici.ssrf",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/undici/ssrf",
"allowed_target_types": [
"lab-local"
],
@@ -896,6 +1087,20 @@
"success_criteria": [
"Uploaded inert marker is shown on the browser proof page."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
},
{
"name": "browser-present",
"type": "browser-present"
}
],
"seed_actions": [
{
"kind": "note",
@@ -911,6 +1116,8 @@
"browser_assertions": {
"required": true
},
"runner_id": "vite.file-upload",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/vite/file-upload",
"allowed_target_types": [
"lab-local"
],
@@ -930,6 +1137,20 @@
"success_criteria": [
"Proxy boundary proof banner is visible in the captured browser evidence."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
},
{
"name": "browser-present",
"type": "browser-present"
}
],
"seed_actions": [
{
"kind": "note",
@@ -945,6 +1166,8 @@
"browser_assertions": {
"required": true
},
"runner_id": "vite.proxy-boundary",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/vite/proxy-boundary",
"allowed_target_types": [
"lab-local"
],
@@ -964,6 +1187,20 @@
"success_criteria": [
"Browser proof page shows the controlled XSS marker after attack."
],
"success_assertions": [
{
"name": "baseline-ok",
"type": "baseline-ok"
},
{
"name": "runner-success",
"type": "runner-success"
},
{
"name": "browser-present",
"type": "browser-present"
}
],
"seed_actions": [
{
"kind": "note",
@@ -979,6 +1216,8 @@
"browser_assertions": {
"required": true
},
"runner_id": "vite.xss",
"fixture_path": "/Users/x/websafe/00-environments/templates/fixtures/vite/xss",
"allowed_target_types": [
"lab-local"
],
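Review bot: `fixture_path` is committed as an absolute path under one developer's home directory (`/Users/x/websafe/00-environments/templates/fixtures/...`, first in the gitea.authz-bypass profile and repeated for every seeded runner through vite.xss), so these profiles cannot resolve on CI or on another workstation, and the local directory layout ends up copied into every generated report. Store it repo-relative, e.g. `"fixture_path": "templates/fixtures/gitea/authz-bypass",`, and resolve it against a configured fixtures root when the profile is loaded. The `browser_assertions.required` flag and the `browser-present` entry in `success_assertions` encode the same requirement twice; they agree in every profile shown here, but the loader should derive one from the other or reject a mismatch so they cannot drift. The scaffolded profiles keep `"success_assertions": []` next to `"runner_id": null`; if the evaluator treats an empty list as vacuously satisfied instead of routing such runs to `triage-manual`, a note-only run could be reported as verified, which is worth confirming in the evaluator code since the enclosing profile objects start and end outside these hunks.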



@@ -1,95 +1,319 @@
{
"generated_at": "2026-03-18T01:29:52+00:00",
"advisory_count": 80,
"run_count": 11,
"generated_at": "2026-03-18T03:59:28+00:00",
"advisory_count": 89,
"run_count": 114,
"statuses": {
"verified-real": 8,
"blocked-artifact": 2,
"verified-real": 67,
"triage-manual": 22
},
"run_statuses": {
"verified-real": 110,
"blocked-artifact": 3,
"triage-manual": 1
},
"recent_failures": [
{
"run_id": "gitea-livecheck-20260316",
"advisory_id": "gitea--CVE-2025-68939",
"status": "blocked-artifact",
"title": null,
"blocked_reason": "unable to get image 'gitea/gitea:1.22.6': Cannot connect to the Docker daemon at unix:///Users/x/.docker/run/docker.sock. Is the docker daemon running?"
},
{
"run_id": "gitea-gitea--CVE-2025-68939-20260317063330",
"advisory_id": "gitea--CVE-2025-68939",
"status": "blocked-artifact",
"title": null,
"blocked_reason": "unable to get image 'gitea/gitea:1.22.6': Cannot connect to the Docker daemon at unix:///Users/x/.docker/run/docker.sock. Is the docker daemon running?"
},
{
"run_id": "nextjs-nextjs--CVE-2025-29927-20260317063047",
"advisory_id": "nextjs--CVE-2025-29927",
"run_id": "",
"advisory_id": "undici--CVE-2026-1525",
"status": "triage-manual",
"title": null,
"blocked_reason": "dry-run only"
"title": "Undici has an HTTP Request/Response Smuggling issue",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "undici--CVE-2026-1528",
"status": "triage-manual",
"title": "Undici: Malicious WebSocket 64-bit length overflows parser and crashes the client",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "undici--CVE-2022-32210",
"status": "triage-manual",
"title": "ProxyAgent vulnerable to MITM",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "undici--CVE-2026-2229",
"status": "triage-manual",
"title": "Undici has Unhandled Exception in WebSocket Client Due to Invalid server_max_window_bits Validation",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "undici--CVE-2026-1527",
"status": "triage-manual",
"title": "Undici has CRLF Injection in undici via `upgrade` option",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "undici--CVE-2026-1526",
"status": "triage-manual",
"title": "Undici has Unbounded Memory Consumption in WebSocket permessage-deflate Decompression",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "undici--CVE-2026-2581",
"status": "triage-manual",
"title": "Undici has Unbounded Memory Consumption in its DeduplicationHandler via Response Buffering that leads to DoS",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "undici--CVE-2025-47279",
"status": "triage-manual",
"title": "undici Denial of Service attack via bad certificate data",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "vite--CVE-2025-31125",
"status": "triage-manual",
"title": "Vite has a `server.fs.deny` bypassed for `inline` and `raw` with `?import` query",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "vite--CVE-2025-58752",
"status": "triage-manual",
"title": "Vite's `server.fs` settings were not applied to HTML files",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "vite--CVE-2025-58751",
"status": "triage-manual",
"title": "Vite middleware may serve files starting with the same name with the public directory",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "vite--CVE-2025-62522",
"status": "triage-manual",
"title": "vite allows server.fs.deny bypass via backslash on Windows",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "vite--CVE-2025-32395",
"status": "triage-manual",
"title": "Vite has an `server.fs.deny` bypass with an invalid `request-target`",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "vite--CVE-2024-45811",
"status": "triage-manual",
"title": "Vite's `server.fs.deny` is bypassed when using `?import&raw`",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "vite--CVE-2025-31486",
"status": "triage-manual",
"title": "Vite allows server.fs.deny to be bypassed with .svg or relative paths",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "vite--CVE-2025-46565",
"status": "triage-manual",
"title": "Vite's server.fs.deny bypassed with /. for files under project root",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "vite--CVE-2025-30208",
"status": "triage-manual",
"title": "Vite bypasses server.fs.deny when using ?raw??",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "undici--CVE-2026-22036",
"status": "triage-manual",
"title": "Undici has an unbounded decompression chain in HTTP responses on Node.js Fetch API via Content-Encoding leads to resource exhaustion",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "undici--CVE-2023-45143",
"status": "triage-manual",
"title": "Undici's cookie header not cleared on cross-origin redirect in fetch",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "undici--CVE-2025-22150",
"status": "triage-manual",
"title": "Use of Insufficiently Random Values in undici",
"blocked_reason": null
}
],
"systems": [
{
"system_id": "gitea",
"display_name": "Gitea",
"total": 30,
"verified_real": 0,
"total": 37,
"verified_real": 37,
"verified_synthetic": 0,
"blocked": 0,
"manual": 30,
"browser_required": 0,
"browser_present": 0,
"manual": 0,
"browser_required": 5,
"browser_present": 33,
"latest_update": "2026-03-03T04:57:57.697708Z",
"category": "platforms",
"tier": "rolling-24m",
"output_dir": "07-framework-security/platforms/gitea"
"output_dir": "07-framework-security/platforms/gitea",
"families": [
{
"family": "authz-bypass",
"total": 3,
"verified_real": 3,
"manual": 0
},
{
"family": "file-upload",
"total": 2,
"verified_real": 2,
"manual": 0
},
{
"family": "proxy-boundary",
"total": 26,
"verified_real": 26,
"manual": 0
},
{
"family": "ssrf",
"total": 1,
"verified_real": 1,
"manual": 0
},
{
"family": "xss",
"total": 5,
"verified_real": 5,
"manual": 0
}
]
},
{
"system_id": "nextjs",
"display_name": "Next.js",
"total": 24,
"verified_real": 1,
"total": 26,
"verified_real": 26,
"verified_synthetic": 0,
"blocked": 0,
"manual": 23,
"browser_required": 0,
"browser_present": 0,
"latest_update": "2026-03-13T22:00:36.554552Z",
"manual": 0,
"browser_required": 2,
"browser_present": 21,
"latest_update": "2026-03-13T22:14:13.665535Z",
"category": "frameworks",
"tier": "history-full",
"output_dir": "07-framework-security/frameworks/nextjs"
"output_dir": "07-framework-security/frameworks/nextjs",
"families": [
{
"family": "authz-bypass",
"total": 2,
"verified_real": 2,
"manual": 0
},
{
"family": "deserialization",
"total": 1,
"verified_real": 1,
"manual": 0
},
{
"family": "proxy-boundary",
"total": 19,
"verified_real": 19,
"manual": 0
},
{
"family": "ssrf",
"total": 2,
"verified_real": 2,
"manual": 0
},
{
"family": "xss",
"total": 2,
"verified_real": 2,
"manual": 0
}
]
},
{
"system_id": "undici",
"display_name": "Undici",
"total": 14,
"verified_real": 0,
"verified_real": 1,
"verified_synthetic": 0,
"blocked": 0,
"manual": 14,
"manual": 13,
"browser_required": 0,
"browser_present": 0,
"latest_update": "2026-03-14T09:19:54.772219Z",
"category": "frameworks",
"tier": "rolling-24m",
"output_dir": "07-framework-security/frameworks/undici"
"output_dir": "07-framework-security/frameworks/undici",
"families": [
{
"family": "ssrf",
"total": 14,
"verified_real": 1,
"manual": 13
}
]
},
{
"system_id": "vite",
"display_name": "Vite",
"total": 12,
"verified_real": 0,
"verified_real": 3,
"verified_synthetic": 0,
"blocked": 0,
"manual": 12,
"browser_required": 0,
"browser_present": 0,
"manual": 9,
"browser_required": 3,
"browser_present": 3,
"latest_update": "2026-02-04T04:37:24.129476Z",
"category": "frameworks",
"tier": "history-full",
"output_dir": "07-framework-security/frameworks/vite"
"output_dir": "07-framework-security/frameworks/vite",
"families": [
{
"family": "file-upload",
"total": 9,
"verified_real": 0,
"manual": 9
},
{
"family": "proxy-boundary",
"total": 2,
"verified_real": 2,
"manual": 0
},
{
"family": "xss",
"total": 1,
"verified_real": 1,
"manual": 0
}
]
}
]
],
"completeness": {
"advisory_total": 89,
"verified_real": 67,
"verified_synthetic": 0,
"blocked": 0,
"manual": 22,
"verified_ratio": 75.3,
"complete": false
}
}
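Review bot: The new `recent_failures` records mix two sentinels for "no value" inside one object — `"run_id": ""` sits next to `"blocked_reason": null` in every `triage-manual` entry from `undici--CVE-2026-1525` onward — so consumers must special-case both; the generator should use one policy and emit `"run_id": null` for an advisory that has no run. Those entries also carry `"status": "triage-manual"` with neither a run nor a blocked reason, which reads as "not yet attempted" rather than a failure, so the list name or an explicit reason field should say so instead of leaving consumers to infer it from the empty `run_id`. The `systems` array in this dashboard is byte-for-byte the content of the standalone systems file that follows in this commit; two generated copies of the same counts will drift the first time one regenerates without the other, so one file should reference the other rather than duplicate it. If the `blocked_reason` strings that embed `/Users/x/.docker/run/docker.sock` survive on the new side (their side is not recoverable from this rendering), the generator is writing a developer's home-directory path into a published artifact and should reduce the message to an error class (a constructed example: `"blocked_reason": "docker-daemon-unreachable"`).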


@@ -2,61 +2,153 @@
{
"system_id": "gitea",
"display_name": "Gitea",
"total": 30,
"verified_real": 0,
"total": 37,
"verified_real": 37,
"verified_synthetic": 0,
"blocked": 0,
"manual": 30,
"browser_required": 0,
"browser_present": 0,
"manual": 0,
"browser_required": 5,
"browser_present": 33,
"latest_update": "2026-03-03T04:57:57.697708Z",
"category": "platforms",
"tier": "rolling-24m",
"output_dir": "07-framework-security/platforms/gitea"
"output_dir": "07-framework-security/platforms/gitea",
"families": [
{
"family": "authz-bypass",
"total": 3,
"verified_real": 3,
"manual": 0
},
{
"family": "file-upload",
"total": 2,
"verified_real": 2,
"manual": 0
},
{
"family": "proxy-boundary",
"total": 26,
"verified_real": 26,
"manual": 0
},
{
"family": "ssrf",
"total": 1,
"verified_real": 1,
"manual": 0
},
{
"family": "xss",
"total": 5,
"verified_real": 5,
"manual": 0
}
]
},
{
"system_id": "nextjs",
"display_name": "Next.js",
"total": 24,
"verified_real": 1,
"total": 26,
"verified_real": 26,
"verified_synthetic": 0,
"blocked": 0,
"manual": 23,
"browser_required": 0,
"browser_present": 0,
"latest_update": "2026-03-13T22:00:36.554552Z",
"manual": 0,
"browser_required": 2,
"browser_present": 21,
"latest_update": "2026-03-13T22:14:13.665535Z",
"category": "frameworks",
"tier": "history-full",
"output_dir": "07-framework-security/frameworks/nextjs"
"output_dir": "07-framework-security/frameworks/nextjs",
"families": [
{
"family": "authz-bypass",
"total": 2,
"verified_real": 2,
"manual": 0
},
{
"family": "deserialization",
"total": 1,
"verified_real": 1,
"manual": 0
},
{
"family": "proxy-boundary",
"total": 19,
"verified_real": 19,
"manual": 0
},
{
"family": "ssrf",
"total": 2,
"verified_real": 2,
"manual": 0
},
{
"family": "xss",
"total": 2,
"verified_real": 2,
"manual": 0
}
]
},
{
"system_id": "undici",
"display_name": "Undici",
"total": 14,
"verified_real": 0,
"verified_real": 1,
"verified_synthetic": 0,
"blocked": 0,
"manual": 14,
"manual": 13,
"browser_required": 0,
"browser_present": 0,
"latest_update": "2026-03-14T09:19:54.772219Z",
"category": "frameworks",
"tier": "rolling-24m",
"output_dir": "07-framework-security/frameworks/undici"
"output_dir": "07-framework-security/frameworks/undici",
"families": [
{
"family": "ssrf",
"total": 14,
"verified_real": 1,
"manual": 13
}
]
},
{
"system_id": "vite",
"display_name": "Vite",
"total": 12,
"verified_real": 0,
"verified_real": 3,
"verified_synthetic": 0,
"blocked": 0,
"manual": 12,
"browser_required": 0,
"browser_present": 0,
"manual": 9,
"browser_required": 3,
"browser_present": 3,
"latest_update": "2026-02-04T04:37:24.129476Z",
"category": "frameworks",
"tier": "history-full",
"output_dir": "07-framework-security/frameworks/vite"
"output_dir": "07-framework-security/frameworks/vite",
"families": [
{
"family": "file-upload",
"total": 9,
"verified_real": 0,
"manual": 9
},
{
"family": "proxy-boundary",
"total": 2,
"verified_real": 2,
"manual": 0
},
{
"family": "xss",
"total": 1,
"verified_real": 1,
"manual": 0
}
]
}
]


@@ -1,10 +1,10 @@
# 最新同步摘要
- 渲染时间: `2026-03-18T01:29:52+00:00`
- 渲染时间: `2026-03-18T03:59:19+00:00`
- 系统数量: `62`
- Advisory 数量: `80`
- 重点 Markdown 数量: `80`
- Run Bundle 数量: `10`
- Advisory 数量: `89`
- 重点 Markdown 数量: `89`
- Run Bundle 数量: `67`
- 新增记录: `0`
- 更新记录: `0`
- Triage 数量: `0`


@@ -1,13 +1,13 @@
{
"generated_at": "2026-03-18T01:29:52+00:00",
"generated_at": "2026-03-18T03:59:19+00:00",
"system_count": 62,
"advisory_count": 80,
"markdown_count": 80,
"advisory_count": 89,
"markdown_count": 89,
"new_count": 0,
"updated_count": 0,
"systems_touched": [],
"triage_count": 0,
"run_bundle_count": 10,
"run_bundle_count": 67,
"failures": [
"wordpress::NVD WordPress::SSLError",
"wordpress::WPScan Vulnerability Database::SSLError",