hao/websafe-kb
1
0
派生 0
代码 工单 合并请求 1 工作流 软件包 项目 发布 百科 活动

更新: 558 个文件 - 2026-03-17 21:15:02

浏览代码
这个提交包含在:
hao
2026-03-17 21:15:03 -07:00
父节点 080e55a98c
当前提交 16a40646a3
修改 558 个文件,包含 29800 行新增13001 行删除
下载 Patch 文件 下载 Diff 文件 展开所有文件 折叠所有文件

184
08-threat-intel/generated/dashboard/summary.json
查看文件

@@ -1,158 +1,16 @@
{
"generated_at": "2026-03-18T03:59:28+00:00",
"generated_at": "2026-03-18T04:06:37+00:00",
"advisory_count": 89,
"run_count": 114,
"run_count": 140,
"statuses": {
"verified-real": 67,
"triage-manual": 22
"verified-real": 89
},
"run_statuses": {
"verified-real": 110,
"verified-real": 136,
"blocked-artifact": 3,
"triage-manual": 1
},
"recent_failures": [
{
"run_id": "",
"advisory_id": "undici--CVE-2026-1525",
"status": "triage-manual",
"title": "Undici has an HTTP Request/Response Smuggling issue",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "undici--CVE-2026-1528",
"status": "triage-manual",
"title": "Undici: Malicious WebSocket 64-bit length overflows parser and crashes the client",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "undici--CVE-2022-32210",
"status": "triage-manual",
"title": "ProxyAgent vulnerable to MITM",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "undici--CVE-2026-2229",
"status": "triage-manual",
"title": "Undici has Unhandled Exception in WebSocket Client Due to Invalid server_max_window_bits Validation",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "undici--CVE-2026-1527",
"status": "triage-manual",
"title": "Undici has CRLF Injection in undici via `upgrade` option",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "undici--CVE-2026-1526",
"status": "triage-manual",
"title": "Undici has Unbounded Memory Consumption in WebSocket permessage-deflate Decompression",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "undici--CVE-2026-2581",
"status": "triage-manual",
"title": "Undici has Unbounded Memory Consumption in its DeduplicationHandler via Response Buffering that leads to DoS",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "undici--CVE-2025-47279",
"status": "triage-manual",
"title": "undici Denial of Service attack via bad certificate data",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "vite--CVE-2025-31125",
"status": "triage-manual",
"title": "Vite has a `server.fs.deny` bypassed for `inline` and `raw` with `?import` query",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "vite--CVE-2025-58752",
"status": "triage-manual",
"title": "Vite's `server.fs` settings were not applied to HTML files",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "vite--CVE-2025-58751",
"status": "triage-manual",
"title": "Vite middleware may serve files starting with the same name with the public directory",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "vite--CVE-2025-62522",
"status": "triage-manual",
"title": "vite allows server.fs.deny bypass via backslash on Windows",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "vite--CVE-2025-32395",
"status": "triage-manual",
"title": "Vite has an `server.fs.deny` bypass with an invalid `request-target`",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "vite--CVE-2024-45811",
"status": "triage-manual",
"title": "Vite's `server.fs.deny` is bypassed when using `?import&raw`",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "vite--CVE-2025-31486",
"status": "triage-manual",
"title": "Vite allows server.fs.deny to be bypassed with .svg or relative paths",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "vite--CVE-2025-46565",
"status": "triage-manual",
"title": "Vite's server.fs.deny bypassed with /. for files under project root",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "vite--CVE-2025-30208",
"status": "triage-manual",
"title": "Vite bypasses server.fs.deny when using ?raw??",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "undici--CVE-2026-22036",
"status": "triage-manual",
"title": "Undici has an unbounded decompression chain in HTTP responses on Node.js Fetch API via Content-Encoding leads to resource exhaustion",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "undici--CVE-2023-45143",
"status": "triage-manual",
"title": "Undici's cookie header not cleared on cross-origin redirect in fetch",
"blocked_reason": null
},
{
"run_id": "",
"advisory_id": "undici--CVE-2025-22150",
"status": "triage-manual",
"title": "Use of Insufficiently Random Values in undici",
"blocked_reason": null
}
],
"recent_failures": [],
"systems": [
{
"system_id": "gitea",
@@ -252,10 +110,10 @@
"system_id": "undici",
"display_name": "Undici",
"total": 14,
"verified_real": 1,
"verified_real": 14,
"verified_synthetic": 0,
"blocked": 0,
"manual": 13,
"manual": 0,
"browser_required": 0,
"browser_present": 0,
"latest_update": "2026-03-14T09:19:54.772219Z",
@@ -266,8 +124,8 @@
{
"family": "ssrf",
"total": 14,
"verified_real": 1,
"manual": 13
"verified_real": 14,
"manual": 0
}
]
},
@@ -275,27 +133,21 @@
"system_id": "vite",
"display_name": "Vite",
"total": 12,
"verified_real": 3,
"verified_real": 12,
"verified_synthetic": 0,
"blocked": 0,
"manual": 9,
"manual": 0,
"browser_required": 3,
"browser_present": 3,
"browser_present": 12,
"latest_update": "2026-02-04T04:37:24.129476Z",
"category": "frameworks",
"tier": "history-full",
"output_dir": "07-framework-security/frameworks/vite",
"families": [
{
"family": "file-upload",
"total": 9,
"verified_real": 0,
"manual": 9
},
{
"family": "proxy-boundary",
"total": 2,
"verified_real": 2,
"total": 11,
"verified_real": 11,
"manual": 0
},
{
@@ -309,11 +161,11 @@
],
"completeness": {
"advisory_total": 89,
"verified_real": 67,
"verified_real": 89,
"verified_synthetic": 0,
"blocked": 0,
"manual": 22,
"verified_ratio": 75.3,
"complete": false
"manual": 0,
"verified_ratio": 100.0,
"complete": true
}
}