更新: 219 个文件 - 2026-03-16 23:45:01

00-environments/catalog/systems/adminer.yaml

@@ -0,0 +1,26 @@
+system_id: adminer
+display_name: Adminer
+category: platforms
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: xss-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18136:80
+source_reference:
+- name: NVD Adminer
+  kind: nvd-search
+  keyword: Adminer
+  confidence: official
+  advisory_mode: core
+  results_per_page: 40

00-environments/catalog/systems/adobe-commerce.yaml

@@ -0,0 +1,36 @@
+system_id: adobe-commerce
+display_name: Adobe Commerce
+category: ecommerce
+tier: history-full
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: xss-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18795:80
+source_reference:
+- name: Adobe Security Bulletins
+  kind: html-links
+  url: https://helpx.adobe.com/security/products/magento.html
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - adobe commerce
+  - magento
+  - apsb
+  max_items: 60
+- name: NVD Adobe Commerce
+  kind: nvd-search
+  keyword: Adobe Commerce
+  confidence: official
+  advisory_mode: core
+  results_per_page: 50

00-environments/catalog/systems/angular.yaml

@@ -0,0 +1,29 @@
+system_id: angular
+display_name: Angular
+category: frameworks
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: xss-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18146:80
+source_reference:
+- name: GitHub Global Advisories
+  kind: ghsa-global
+  ecosystem: npm
+  confidence: official
+  advisory_mode: core
+- name: OSV Angular
+  kind: osv-batch
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/apache-httpd.yaml

@@ -0,0 +1,37 @@
+system_id: apache-httpd
+display_name: Apache HTTP Server
+category: servers
+tier: history-full
+artifact_mode_preference:
+- official-image
+- official-source
+- synthetic
+default_repro_family: proxy-boundary-generic
+browser_required_default: false
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: httpd:2.4
+    ports:
+    - 18087:80
+source_reference:
+- name: Apache HTTPD Security
+  kind: html-links
+  url: https://httpd.apache.org/security/vulnerabilities_24.html
+  confidence: official
+  advisory_mode: server
+  keywords:
+  - apache
+  - http server
+  - cve
+  max_items: 80
+- name: CISA KEV Apache HTTPD
+  kind: kev-json
+  url: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
+  confidence: official
+  advisory_mode: server
+  keywords:
+  - apache http server

00-environments/catalog/systems/apache-tomcat.yaml

@@ -0,0 +1,36 @@
+system_id: apache-tomcat
+display_name: Apache Tomcat
+category: servers
+tier: history-full
+artifact_mode_preference:
+- official-image
+- official-source
+- synthetic
+default_repro_family: authz-bypass-generic
+browser_required_default: false
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: tomcat:10.1
+    ports:
+    - 18088:8080
+source_reference:
+- name: Apache Tomcat Security
+  kind: html-links
+  url: https://tomcat.apache.org/security-10.html
+  confidence: official
+  advisory_mode: server
+  keywords:
+  - tomcat
+  - cve
+  max_items: 80
+- name: CISA KEV Tomcat
+  kind: kev-json
+  url: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
+  confidence: official
+  advisory_mode: server
+  keywords:
+  - tomcat

00-environments/catalog/systems/aspnet-core.yaml

@@ -0,0 +1,26 @@
+system_id: aspnet-core
+display_name: ASP.NET Core
+category: frameworks
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: xss-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18521:80
+source_reference:
+- name: NVD ASP.NET Core
+  kind: nvd-search
+  keyword: ASP.NET Core
+  confidence: official
+  advisory_mode: core
+  results_per_page: 40

00-environments/catalog/systems/astro.yaml

@@ -0,0 +1,29 @@
+system_id: astro
+display_name: Astro
+category: frameworks
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: authz-bypass-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18653:80
+source_reference:
+- name: GitHub Global Advisories
+  kind: ghsa-global
+  ecosystem: npm
+  confidence: official
+  advisory_mode: core
+- name: OSV Astro
+  kind: osv-batch
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/caddy.yaml

@@ -0,0 +1,32 @@
+system_id: caddy
+display_name: Caddy
+category: servers
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: proxy-boundary-generic
+browser_required_default: false
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18617:80
+source_reference:
+- name: GitHub Caddy Advisories
+  kind: html-links
+  url: https://github.com/caddyserver/caddy/security/advisories
+  confidence: official
+  advisory_mode: server
+  keywords:
+  - caddy
+  max_items: 50
+- name: OSV Caddy
+  kind: osv-batch
+  confidence: official
+  advisory_mode: server

00-environments/catalog/systems/directus.yaml

@@ -0,0 +1,32 @@
+system_id: directus
+display_name: Directus
+category: cms
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: file-upload-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18267:80
+source_reference:
+- name: Directus GitHub Advisories
+  kind: html-links
+  url: https://github.com/directus/directus/security/advisories
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - directus
+  max_items: 50
+- name: OSV Directus
+  kind: osv-batch
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/discourse.yaml

@@ -0,0 +1,37 @@
+system_id: discourse
+display_name: Discourse
+category: cms
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: xss-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18377:80
+source_reference:
+- name: Discourse Meta Security
+  kind: html-links
+  url: https://meta.discourse.org/c/bug/security/40
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - discourse
+  - security
+  max_items: 50
+- name: GitHub Discourse Advisories
+  kind: html-links
+  url: https://github.com/discourse/discourse/security/advisories
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - discourse
+  max_items: 50

00-environments/catalog/systems/django.yaml

@@ -0,0 +1,32 @@
+system_id: django
+display_name: Django
+category: frameworks
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: xss-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18727:80
+source_reference:
+- name: Django Security RSS
+  kind: rss-feed
+  url: https://www.djangoproject.com/weblog/feeds/tags/security/
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - django
+  max_items: 60
+- name: OSV Django
+  kind: osv-batch
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/drupal.yaml

@@ -0,0 +1,42 @@
+system_id: drupal
+display_name: Drupal
+category: cms
+tier: history-full
+artifact_mode_preference:
+- official-image
+- official-source
+- synthetic
+default_repro_family: xss-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: drupal:10-apache
+    ports:
+    - 18081:80
+  db:
+    image: postgres:15
+    environment:
+      POSTGRES_DB: drupal
+      POSTGRES_USER: drupal
+      POSTGRES_PASSWORD: drupal
+source_reference:
+- name: Drupal Security Advisories RSS
+  kind: rss-feed
+  url: https://www.drupal.org/security/rss.xml
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - drupal
+  - sa-core
+  - security
+  max_items: 60
+- name: NVD Drupal
+  kind: nvd-search
+  keyword: Drupal
+  confidence: official
+  advisory_mode: core
+  results_per_page: 50

00-environments/catalog/systems/echo.yaml

@@ -0,0 +1,24 @@
+system_id: echo
+display_name: Echo
+category: frameworks
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: proxy-boundary-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18515:80
+source_reference:
+- name: OSV Echo
+  kind: osv-batch
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/esbuild.yaml

@@ -0,0 +1,29 @@
+system_id: esbuild
+display_name: esbuild
+category: frameworks
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: file-upload-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18144:80
+source_reference:
+- name: GitHub Global Advisories
+  kind: ghsa-global
+  ecosystem: npm
+  confidence: official
+  advisory_mode: core
+- name: OSV esbuild
+  kind: osv-batch
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/express.yaml

@@ -0,0 +1,29 @@
+system_id: express
+display_name: Express
+category: frameworks
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: xss-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18178:80
+source_reference:
+- name: GitHub Global Advisories
+  kind: ghsa-global
+  ecosystem: npm
+  confidence: official
+  advisory_mode: core
+- name: OSV Express
+  kind: osv-batch
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/fastify.yaml

@@ -0,0 +1,29 @@
+system_id: fastify
+display_name: Fastify
+category: frameworks
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: xss-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18158:80
+source_reference:
+- name: GitHub Global Advisories
+  kind: ghsa-global
+  ecosystem: npm
+  confidence: official
+  advisory_mode: core
+- name: OSV Fastify
+  kind: osv-batch
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/flask.yaml

@@ -0,0 +1,29 @@
+system_id: flask
+display_name: Flask
+category: frameworks
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: xss-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18629:80
+source_reference:
+- name: OSV Flask
+  kind: osv-batch
+  confidence: official
+  advisory_mode: core
+- name: GitHub Global Advisories
+  kind: ghsa-global
+  ecosystem: pip
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/ghost.yaml

@@ -0,0 +1,34 @@
+system_id: ghost
+display_name: Ghost
+category: cms
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: xss-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18649:80
+source_reference:
+- name: Ghost GitHub Advisories
+  kind: html-links
+  url: https://github.com/TryGhost/Ghost/security/advisories
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - ghost
+  max_items: 50
+- name: NVD Ghost
+  kind: nvd-search
+  keyword: Ghost CMS
+  confidence: official
+  advisory_mode: core
+  results_per_page: 40

00-environments/catalog/systems/gin.yaml

@@ -0,0 +1,24 @@
+system_id: gin
+display_name: Gin
+category: frameworks
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: xss-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18418:80
+source_reference:
+- name: OSV Gin
+  kind: osv-batch
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/gitea.yaml

@@ -0,0 +1,32 @@
+system_id: gitea
+display_name: Gitea
+category: platforms
+tier: rolling-24m
+artifact_mode_preference:
+- official-image
+- official-source
+- synthetic
+default_repro_family: proxy-boundary-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: gitea/gitea:1.22.6
+    ports:
+    - 18085:3000
+source_reference:
+- name: GitHub Gitea Advisories
+  kind: html-links
+  url: https://github.com/go-gitea/gitea/security/advisories
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - gitea
+  max_items: 50
+- name: OSV Gitea
+  kind: osv-batch
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/gitlab-ce.yaml

@@ -0,0 +1,35 @@
+system_id: gitlab-ce
+display_name: GitLab CE
+category: platforms
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: deserialization-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18272:80
+source_reference:
+- name: GitLab Security Releases
+  kind: html-links
+  url: https://about.gitlab.com/releases/categories/releases/
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - security release
+  - gitlab
+  max_items: 50
+- name: NVD GitLab
+  kind: nvd-search
+  keyword: GitLab CE
+  confidence: official
+  advisory_mode: core
+  results_per_page: 40

00-environments/catalog/systems/grafana.yaml

@@ -0,0 +1,35 @@
+system_id: grafana
+display_name: Grafana
+category: platforms
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: xss-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18120:80
+source_reference:
+- name: Grafana Security Advisories
+  kind: html-links
+  url: https://grafana.com/security/security-advisories/
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - grafana
+  max_items: 60
+- name: CISA KEV Grafana
+  kind: kev-json
+  url: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - grafana

00-environments/catalog/systems/hapi.yaml

@@ -0,0 +1,29 @@
+system_id: hapi
+display_name: Hapi
+category: frameworks
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: proxy-boundary-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18518:80
+source_reference:
+- name: GitHub Global Advisories
+  kind: ghsa-global
+  ecosystem: npm
+  confidence: official
+  advisory_mode: core
+- name: OSV Hapi
+  kind: osv-batch
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/haproxy.yaml

@@ -0,0 +1,35 @@
+system_id: haproxy
+display_name: HAProxy
+category: servers
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: proxy-boundary-generic
+browser_required_default: false
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18179:80
+source_reference:
+- name: HAProxy Security Advisories
+  kind: html-links
+  url: https://www.haproxy.org/security/
+  confidence: official
+  advisory_mode: server
+  keywords:
+  - haproxy
+  - security
+  max_items: 50
+- name: NVD HAProxy
+  kind: nvd-search
+  keyword: HAProxy
+  confidence: official
+  advisory_mode: server
+  results_per_page: 40

00-environments/catalog/systems/jenkins.yaml

@@ -0,0 +1,34 @@
+system_id: jenkins
+display_name: Jenkins
+category: platforms
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: deserialization-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18154:80
+source_reference:
+- name: Jenkins Security Advisories
+  kind: html-links
+  url: https://www.jenkins.io/security/advisories/
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - jenkins
+  max_items: 60
+- name: NVD Jenkins
+  kind: nvd-search
+  keyword: Jenkins
+  confidence: official
+  advisory_mode: core
+  results_per_page: 40

00-environments/catalog/systems/joomla.yaml

@@ -0,0 +1,42 @@
+system_id: joomla
+display_name: Joomla
+category: cms
+tier: history-full
+artifact_mode_preference:
+- official-image
+- official-source
+- synthetic
+default_repro_family: xss-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: joomla:latest
+    ports:
+    - 18082:80
+  db:
+    image: mariadb:10.11
+    environment:
+      MARIADB_DATABASE: joomla
+      MARIADB_USER: joomla
+      MARIADB_PASSWORD: joomla
+      MARIADB_ROOT_PASSWORD: root
+source_reference:
+- name: Joomla Security Centre
+  kind: html-links
+  url: https://developer.joomla.org/security-centre.html
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - joomla
+  - security
+  max_items: 50
+- name: NVD Joomla
+  kind: nvd-search
+  keyword: Joomla
+  confidence: official
+  advisory_mode: core
+  results_per_page: 50

00-environments/catalog/systems/kibana.yaml

@@ -0,0 +1,36 @@
+system_id: kibana
+display_name: Kibana
+category: platforms
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: xss-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18714:80
+source_reference:
+- name: Elastic Security Announcements
+  kind: html-links
+  url: https://discuss.elastic.co/c/announcements/security-announcements/31
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - kibana
+  - elastic
+  - security
+  max_items: 60
+- name: NVD Kibana
+  kind: nvd-search
+  keyword: Kibana
+  confidence: official
+  advisory_mode: core
+  results_per_page: 40

00-environments/catalog/systems/koa.yaml

@@ -0,0 +1,29 @@
+system_id: koa
+display_name: Koa
+category: frameworks
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: proxy-boundary-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18415:80
+source_reference:
+- name: GitHub Global Advisories
+  kind: ghsa-global
+  ecosystem: npm
+  confidence: official
+  advisory_mode: core
+- name: OSV Koa
+  kind: osv-batch
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/laravel.yaml

@@ -0,0 +1,29 @@
+system_id: laravel
+display_name: Laravel
+category: frameworks
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: xss-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18143:80
+source_reference:
+- name: GitHub Global Advisories
+  kind: ghsa-global
+  ecosystem: composer
+  confidence: official
+  advisory_mode: core
+- name: OSV Laravel
+  kind: osv-batch
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/magento-open-source.yaml

@@ -0,0 +1,34 @@
+system_id: magento-open-source
+display_name: Magento Open Source
+category: ecommerce
+tier: history-full
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: file-upload-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18628:80
+source_reference:
+- name: Magento GitHub Advisories
+  kind: html-links
+  url: https://github.com/magento/magento2/security/advisories
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - magento
+  max_items: 50
+- name: NVD Magento
+  kind: nvd-search
+  keyword: Magento
+  confidence: official
+  advisory_mode: core
+  results_per_page: 50

00-environments/catalog/systems/mattermost.yaml

@@ -0,0 +1,34 @@
+system_id: mattermost
+display_name: Mattermost
+category: platforms
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: xss-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18504:80
+source_reference:
+- name: Mattermost Security Updates
+  kind: html-links
+  url: https://mattermost.com/security-updates/
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - mattermost
+  max_items: 50
+- name: NVD Mattermost
+  kind: nvd-search
+  keyword: Mattermost
+  confidence: official
+  advisory_mode: core
+  results_per_page: 40

00-environments/catalog/systems/mediawiki.yaml

@@ -0,0 +1,35 @@
+system_id: mediawiki
+display_name: MediaWiki
+category: cms
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: xss-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18348:80
+source_reference:
+- name: MediaWiki Security Releases
+  kind: html-links
+  url: https://www.mediawiki.org/wiki/Security
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - mediawiki
+  - security
+  max_items: 50
+- name: NVD MediaWiki
+  kind: nvd-search
+  keyword: MediaWiki
+  confidence: official
+  advisory_mode: core
+  results_per_page: 40

00-environments/catalog/systems/medusa.yaml

@@ -0,0 +1,32 @@
+system_id: medusa
+display_name: Medusa
+category: ecommerce
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: session-token-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18739:80
+source_reference:
+- name: GitHub Medusa Advisories
+  kind: html-links
+  url: https://github.com/medusajs/medusa/security/advisories
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - medusa
+  max_items: 50
+- name: OSV Medusa
+  kind: osv-batch
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/moodle.yaml

@@ -0,0 +1,35 @@
+system_id: moodle
+display_name: Moodle
+category: cms
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: xss-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18740:80
+source_reference:
+- name: Moodle Security News
+  kind: html-links
+  url: https://moodle.org/security/
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - moodle
+  - security
+  max_items: 50
+- name: NVD Moodle
+  kind: nvd-search
+  keyword: Moodle
+  confidence: official
+  advisory_mode: core
+  results_per_page: 40

00-environments/catalog/systems/nestjs.yaml

@@ -0,0 +1,29 @@
+system_id: nestjs
+display_name: NestJS
+category: frameworks
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: ssrf-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18763:80
+source_reference:
+- name: GitHub Global Advisories
+  kind: ghsa-global
+  ecosystem: npm
+  confidence: official
+  advisory_mode: core
+- name: OSV NestJS
+  kind: osv-batch
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/nextjs.yaml

@@ -0,0 +1,34 @@
+system_id: nextjs
+display_name: Next.js
+category: frameworks
+tier: history-full
+artifact_mode_preference:
+- official-source
+- synthetic
+- synthetic
+default_repro_family: proxy-boundary-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: node:22-alpine
+    ports:
+    - 18090:3000
+source_reference:
+- name: GitHub Next.js Advisories
+  kind: html-links
+  url: https://github.com/vercel/next.js/security/advisories
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - next.js
+  - next
+  max_items: 50
+- name: GitHub Global Advisories
+  kind: ghsa-global
+  ecosystem: npm
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/nginx.yaml

@@ -0,0 +1,35 @@
+system_id: nginx
+display_name: Nginx
+category: servers
+tier: history-full
+artifact_mode_preference:
+- official-image
+- official-source
+- synthetic
+default_repro_family: proxy-boundary-generic
+browser_required_default: false
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginx:1.27-alpine
+    ports:
+    - 18086:80
+source_reference:
+- name: NGINX Security Advisories
+  kind: html-links
+  url: https://nginx.org/en/security_advisories.html
+  confidence: official
+  advisory_mode: server
+  keywords:
+  - nginx
+  - security
+  max_items: 60
+- name: NVD NGINX
+  kind: nvd-search
+  keyword: NGINX
+  confidence: official
+  advisory_mode: server
+  results_per_page: 50

00-environments/catalog/systems/nodejs.yaml

@@ -0,0 +1,37 @@
+system_id: nodejs
+display_name: Node.js
+category: frameworks
+tier: history-full
+artifact_mode_preference:
+- official-source
+- synthetic
+- synthetic
+default_repro_family: ssrf-generic
+browser_required_default: false
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: node:22-alpine
+    ports:
+    - 18089:3000
+source_reference:
+- name: Node.js Security Releases
+  kind: html-links
+  url: https://nodejs.org/en/blog/vulnerability
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - node.js
+  - security
+  max_items: 60
+- name: CISA KEV Node.js
+  kind: kev-json
+  url: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - node.js
+  - nodejs

00-environments/catalog/systems/nuxt.yaml

@@ -0,0 +1,33 @@
+system_id: nuxt
+display_name: Nuxt
+category: frameworks
+tier: history-full
+artifact_mode_preference:
+- official-source
+- synthetic
+- synthetic
+default_repro_family: proxy-boundary-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: node:22-alpine
+    ports:
+    - 18092:3000
+source_reference:
+- name: Nuxt Security
+  kind: html-links
+  url: https://github.com/nuxt/nuxt/security/advisories
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - nuxt
+  max_items: 50
+- name: GitHub Global Advisories
+  kind: ghsa-global
+  ecosystem: npm
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/opencart.yaml

@@ -0,0 +1,41 @@
+system_id: opencart
+display_name: OpenCart
+category: ecommerce
+tier: history-full
+artifact_mode_preference:
+- official-image
+- official-source
+- synthetic
+default_repro_family: file-upload-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: bitnami/opencart:latest
+    ports:
+    - 18084:8080
+  db:
+    image: mariadb:10.11
+    environment:
+      MARIADB_DATABASE: opencart
+      MARIADB_USER: opencart
+      MARIADB_PASSWORD: opencart
+      MARIADB_ROOT_PASSWORD: root
+source_reference:
+- name: OpenCart Releases
+  kind: html-links
+  url: https://github.com/opencart/opencart/releases
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - opencart
+  max_items: 50
+- name: NVD OpenCart
+  kind: nvd-search
+  keyword: OpenCart
+  confidence: official
+  advisory_mode: core
+  results_per_page: 50

00-environments/catalog/systems/openmage.yaml

@@ -0,0 +1,35 @@
+system_id: openmage
+display_name: OpenMage / Mage-OS
+category: ecommerce
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: plugin-extension-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18244:80
+source_reference:
+- name: OpenMage GitHub Advisories
+  kind: html-links
+  url: https://github.com/OpenMage/magento-lts/security/advisories
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - openmage
+  - mage
+  max_items: 50
+- name: NVD OpenMage
+  kind: nvd-search
+  keyword: OpenMage
+  confidence: official
+  advisory_mode: core
+  results_per_page: 40

00-environments/catalog/systems/phpmyadmin.yaml

@@ -0,0 +1,34 @@
+system_id: phpmyadmin
+display_name: phpMyAdmin
+category: platforms
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: xss-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18479:80
+source_reference:
+- name: phpMyAdmin Security Page
+  kind: html-links
+  url: https://www.phpmyadmin.net/security/
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - phpmyadmin
+  max_items: 50
+- name: NVD phpMyAdmin
+  kind: nvd-search
+  keyword: phpMyAdmin
+  confidence: official
+  advisory_mode: core
+  results_per_page: 40

00-environments/catalog/systems/prestashop.yaml

@@ -0,0 +1,44 @@
+system_id: prestashop
+display_name: PrestaShop
+category: ecommerce
+tier: history-full
+artifact_mode_preference:
+- official-image
+- official-source
+- synthetic
+default_repro_family: file-upload-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: prestashop/prestashop:latest
+    ports:
+    - 18083:80
+  db:
+    image: mariadb:10.11
+    environment:
+      MARIADB_DATABASE: prestashop
+      MARIADB_USER: prestashop
+      MARIADB_PASSWORD: prestashop
+      MARIADB_ROOT_PASSWORD: root
+source_reference:
+- name: PrestaShop Security Page
+  kind: html-links
+  url: https://build.prestashop-project.org/news/
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - prestashop
+  - security
+  max_items: 50
+- name: GitHub PrestaShop Advisories
+  kind: html-links
+  url: https://github.com/PrestaShop/PrestaShop/security/advisories
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - prestashop
+  max_items: 50

00-environments/catalog/systems/rails.yaml

@@ -0,0 +1,29 @@
+system_id: rails
+display_name: Ruby on Rails
+category: frameworks
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: xss-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18639:80
+source_reference:
+- name: GitHub Global Advisories
+  kind: ghsa-global
+  ecosystem: rubygems
+  confidence: official
+  advisory_mode: core
+- name: OSV Rails
+  kind: osv-batch
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/react.yaml

@@ -0,0 +1,33 @@
+system_id: react
+display_name: React
+category: frameworks
+tier: history-full
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: xss-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18627:80
+source_reference:
+- name: GitHub React Advisories
+  kind: html-links
+  url: https://github.com/facebook/react/security/advisories
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - react
+  max_items: 50
+- name: GitHub Global Advisories
+  kind: ghsa-global
+  ecosystem: npm
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/redmine.yaml

@@ -0,0 +1,34 @@
+system_id: redmine
+display_name: Redmine
+category: platforms
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: xss-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18140:80
+source_reference:
+- name: Redmine Security Advisories
+  kind: html-links
+  url: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - redmine
+  max_items: 50
+- name: NVD Redmine
+  kind: nvd-search
+  keyword: Redmine
+  confidence: official
+  advisory_mode: core
+  results_per_page: 40

00-environments/catalog/systems/saleor.yaml

@@ -0,0 +1,34 @@
+system_id: saleor
+display_name: Saleor
+category: ecommerce
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: session-token-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18746:80
+source_reference:
+- name: GitHub Saleor Advisories
+  kind: html-links
+  url: https://github.com/saleor/saleor/security/advisories
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - saleor
+  max_items: 50
+- name: NVD Saleor
+  kind: nvd-search
+  keyword: Saleor
+  confidence: official
+  advisory_mode: core
+  results_per_page: 40

00-environments/catalog/systems/shopware.yaml

@@ -0,0 +1,34 @@
+system_id: shopware
+display_name: Shopware
+category: ecommerce
+tier: history-full
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: file-upload-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18273:80
+source_reference:
+- name: Shopware Security Advisories
+  kind: html-links
+  url: https://github.com/shopware/shopware/security/advisories
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - shopware
+  max_items: 50
+- name: NVD Shopware
+  kind: nvd-search
+  keyword: Shopware
+  confidence: official
+  advisory_mode: core
+  results_per_page: 40

00-environments/catalog/systems/spring-boot.yaml

@@ -0,0 +1,33 @@
+system_id: spring-boot
+display_name: Spring Boot
+category: frameworks
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: proxy-boundary-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18540:80
+source_reference:
+- name: Spring Security Advisories
+  kind: html-links
+  url: https://spring.io/security
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - spring boot
+  max_items: 50
+- name: GitHub Global Advisories
+  kind: ghsa-global
+  ecosystem: maven
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/spring-framework.yaml

@@ -0,0 +1,34 @@
+system_id: spring-framework
+display_name: Spring Framework
+category: frameworks
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: deserialization-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18378:80
+source_reference:
+- name: Spring Security Advisories
+  kind: html-links
+  url: https://spring.io/security
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - spring framework
+  - cve
+  max_items: 50
+- name: GitHub Global Advisories
+  kind: ghsa-global
+  ecosystem: maven
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/spring-security.yaml

@@ -0,0 +1,33 @@
+system_id: spring-security
+display_name: Spring Security
+category: frameworks
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: proxy-boundary-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18292:80
+source_reference:
+- name: Spring Security Advisories
+  kind: html-links
+  url: https://spring.io/security
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - spring security
+  max_items: 50
+- name: GitHub Global Advisories
+  kind: ghsa-global
+  ecosystem: maven
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/strapi.yaml

@@ -0,0 +1,32 @@
+system_id: strapi
+display_name: Strapi
+category: cms
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: file-upload-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18759:80
+source_reference:
+- name: Strapi GitHub Advisories
+  kind: html-links
+  url: https://github.com/strapi/strapi/security/advisories
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - strapi
+  max_items: 50
+- name: OSV Strapi
+  kind: osv-batch
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/sveltekit.yaml

@@ -0,0 +1,29 @@
+system_id: sveltekit
+display_name: SvelteKit
+category: frameworks
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: session-token-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18387:80
+source_reference:
+- name: GitHub Global Advisories
+  kind: ghsa-global
+  ecosystem: npm
+  confidence: official
+  advisory_mode: core
+- name: OSV SvelteKit
+  kind: osv-batch
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/symfony.yaml

@@ -0,0 +1,29 @@
+system_id: symfony
+display_name: Symfony
+category: frameworks
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: xss-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18189:80
+source_reference:
+- name: GitHub Global Advisories
+  kind: ghsa-global
+  ecosystem: composer
+  confidence: official
+  advisory_mode: core
+- name: OSV Symfony
+  kind: osv-batch
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/traefik.yaml

@@ -0,0 +1,32 @@
+system_id: traefik
+display_name: Traefik
+category: servers
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: proxy-boundary-generic
+browser_required_default: false
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18142:80
+source_reference:
+- name: GitHub Traefik Advisories
+  kind: html-links
+  url: https://github.com/traefik/traefik/security/advisories
+  confidence: official
+  advisory_mode: server
+  keywords:
+  - traefik
+  max_items: 50
+- name: OSV Traefik
+  kind: osv-batch
+  confidence: official
+  advisory_mode: server

00-environments/catalog/systems/undici.yaml

@@ -0,0 +1,29 @@
+system_id: undici
+display_name: Undici
+category: frameworks
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: proxy-boundary-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18736:80
+source_reference:
+- name: GitHub Global Advisories
+  kind: ghsa-global
+  ecosystem: npm
+  confidence: official
+  advisory_mode: core
+- name: OSV Undici
+  kind: osv-batch
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/vite.yaml

@@ -0,0 +1,33 @@
+system_id: vite
+display_name: Vite
+category: frameworks
+tier: history-full
+artifact_mode_preference:
+- official-source
+- synthetic
+- synthetic
+default_repro_family: proxy-boundary-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: node:22-alpine
+    ports:
+    - 18093:5173
+source_reference:
+- name: Vite Security
+  kind: html-links
+  url: https://github.com/vitejs/vite/security/advisories
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - vite
+  max_items: 50
+- name: GitHub Global Advisories
+  kind: ghsa-global
+  ecosystem: npm
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/vue.yaml

@@ -0,0 +1,33 @@
+system_id: vue
+display_name: Vue
+category: frameworks
+tier: history-full
+artifact_mode_preference:
+- official-source
+- synthetic
+- synthetic
+default_repro_family: xss-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: node:22-alpine
+    ports:
+    - 18091:5173
+source_reference:
+- name: Vue Security
+  kind: html-links
+  url: https://github.com/vuejs/core/security
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - vue
+  max_items: 50
+- name: GitHub Global Advisories
+  kind: ghsa-global
+  ecosystem: npm
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/webpack.yaml

@@ -0,0 +1,29 @@
+system_id: webpack
+display_name: webpack
+category: frameworks
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: file-upload-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18133:80
+source_reference:
+- name: GitHub Global Advisories
+  kind: ghsa-global
+  ecosystem: npm
+  confidence: official
+  advisory_mode: core
+- name: OSV webpack
+  kind: osv-batch
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/werkzeug.yaml

@@ -0,0 +1,29 @@
+system_id: werkzeug
+display_name: Werkzeug
+category: frameworks
+tier: rolling-24m
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: proxy-boundary-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18284:80
+source_reference:
+- name: OSV Werkzeug
+  kind: osv-batch
+  confidence: official
+  advisory_mode: core
+- name: GitHub Global Advisories
+  kind: ghsa-global
+  ecosystem: pip
+  confidence: official
+  advisory_mode: core

00-environments/catalog/systems/woocommerce.yaml

@@ -0,0 +1,37 @@
+system_id: woocommerce
+display_name: WooCommerce
+category: ecommerce
+tier: history-full
+artifact_mode_preference:
+- synthetic
+- official-source
+- synthetic
+default_repro_family: xss-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18584:80
+source_reference:
+- name: Woo Developer Advisories
+  kind: html-links
+  url: https://developer.woocommerce.com/
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - woocommerce
+  - security
+  max_items: 50
+- name: GitHub WooCommerce Advisories
+  kind: html-links
+  url: https://github.com/woocommerce/woocommerce/security/advisories
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - woocommerce
+  max_items: 50

00-environments/catalog/systems/wordpress.yaml

@@ -0,0 +1,43 @@
+system_id: wordpress
+display_name: WordPress
+category: cms
+tier: history-full
+artifact_mode_preference:
+- official-image
+- official-source
+- synthetic
+default_repro_family: xss-generic
+browser_required_default: true
+log_collectors:
+- docker-logs
+- http-snapshot
+report_template: default-lab-report
+services:
+  app:
+    image: wordpress:php8.2-apache
+    ports:
+    - 18080:80
+  db:
+    image: mariadb:10.11
+    environment:
+      MARIADB_DATABASE: wordpress
+      MARIADB_USER: wordpress
+      MARIADB_PASSWORD: wordpress
+      MARIADB_ROOT_PASSWORD: root
+source_reference:
+- name: WordPress Security News
+  kind: html-links
+  url: https://wordpress.org/news/category/security/
+  confidence: official
+  advisory_mode: core
+  keywords:
+  - wordpress
+  - security
+  - release
+  max_items: 40
+- name: NVD WordPress
+  kind: nvd-search
+  keyword: WordPress
+  confidence: official
+  advisory_mode: core
+  results_per_page: 50

00-environments/profiles/core/adminer/current.yaml

@@ -0,0 +1,17 @@
+profile_id: adminer-core-current
+system_id: adminer
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18136:80
+baseline_urls:
+- http://127.0.0.1:18136/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/adobe-commerce/current.yaml

@@ -0,0 +1,17 @@
+profile_id: adobe-commerce-core-current
+system_id: adobe-commerce
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18795:80
+baseline_urls:
+- http://127.0.0.1:18795/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/angular/current.yaml

@@ -0,0 +1,17 @@
+profile_id: angular-core-current
+system_id: angular
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18146:80
+baseline_urls:
+- http://127.0.0.1:18146/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/apache-httpd/current.yaml

@@ -0,0 +1,17 @@
+profile_id: apache-httpd-core-current
+system_id: apache-httpd
+version: current
+artifact_mode: official-image
+verification_mode: real
+browser_required: false
+services:
+  app:
+    image: httpd:2.4
+    ports:
+    - 18087:80
+baseline_urls:
+- http://127.0.0.1:18087/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/apache-tomcat/current.yaml

@@ -0,0 +1,17 @@
+profile_id: apache-tomcat-core-current
+system_id: apache-tomcat
+version: current
+artifact_mode: official-image
+verification_mode: real
+browser_required: false
+services:
+  app:
+    image: tomcat:10.1
+    ports:
+    - 18088:8080
+baseline_urls:
+- http://127.0.0.1:18088/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/aspnet-core/current.yaml

@@ -0,0 +1,17 @@
+profile_id: aspnet-core-core-current
+system_id: aspnet-core
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18521:80
+baseline_urls:
+- http://127.0.0.1:18521/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/astro/current.yaml

@@ -0,0 +1,17 @@
+profile_id: astro-core-current
+system_id: astro
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18653:80
+baseline_urls:
+- http://127.0.0.1:18653/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/caddy/current.yaml

@@ -0,0 +1,17 @@
+profile_id: caddy-core-current
+system_id: caddy
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: false
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18617:80
+baseline_urls:
+- http://127.0.0.1:18617/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/directus/current.yaml

@@ -0,0 +1,17 @@
+profile_id: directus-core-current
+system_id: directus
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18267:80
+baseline_urls:
+- http://127.0.0.1:18267/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/discourse/current.yaml

@@ -0,0 +1,17 @@
+profile_id: discourse-core-current
+system_id: discourse
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18377:80
+baseline_urls:
+- http://127.0.0.1:18377/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/django/current.yaml

@@ -0,0 +1,17 @@
+profile_id: django-core-current
+system_id: django
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18727:80
+baseline_urls:
+- http://127.0.0.1:18727/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/drupal/current.yaml

@@ -0,0 +1,23 @@
+profile_id: drupal-core-current
+system_id: drupal
+version: current
+artifact_mode: official-image
+verification_mode: real
+browser_required: true
+services:
+  app:
+    image: drupal:10-apache
+    ports:
+    - 18081:80
+  db:
+    image: postgres:15
+    environment:
+      POSTGRES_DB: drupal
+      POSTGRES_USER: drupal
+      POSTGRES_PASSWORD: drupal
+baseline_urls:
+- http://127.0.0.1:18081/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/echo/current.yaml

@@ -0,0 +1,17 @@
+profile_id: echo-core-current
+system_id: echo
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18515:80
+baseline_urls:
+- http://127.0.0.1:18515/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/esbuild/current.yaml

@@ -0,0 +1,17 @@
+profile_id: esbuild-core-current
+system_id: esbuild
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18144:80
+baseline_urls:
+- http://127.0.0.1:18144/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/express/current.yaml

@@ -0,0 +1,17 @@
+profile_id: express-core-current
+system_id: express
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18178:80
+baseline_urls:
+- http://127.0.0.1:18178/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/fastify/current.yaml

@@ -0,0 +1,17 @@
+profile_id: fastify-core-current
+system_id: fastify
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18158:80
+baseline_urls:
+- http://127.0.0.1:18158/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/flask/current.yaml

@@ -0,0 +1,17 @@
+profile_id: flask-core-current
+system_id: flask
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18629:80
+baseline_urls:
+- http://127.0.0.1:18629/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/ghost/current.yaml

@@ -0,0 +1,17 @@
+profile_id: ghost-core-current
+system_id: ghost
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18649:80
+baseline_urls:
+- http://127.0.0.1:18649/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/gin/current.yaml

@@ -0,0 +1,17 @@
+profile_id: gin-core-current
+system_id: gin
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18418:80
+baseline_urls:
+- http://127.0.0.1:18418/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/gitea/current.yaml

@@ -0,0 +1,17 @@
+profile_id: gitea-core-current
+system_id: gitea
+version: current
+artifact_mode: official-image
+verification_mode: real
+browser_required: true
+services:
+  app:
+    image: gitea/gitea:1.22.6
+    ports:
+    - 18085:3000
+baseline_urls:
+- http://127.0.0.1:18085/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/gitlab-ce/current.yaml

@@ -0,0 +1,17 @@
+profile_id: gitlab-ce-core-current
+system_id: gitlab-ce
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18272:80
+baseline_urls:
+- http://127.0.0.1:18272/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/grafana/current.yaml

@@ -0,0 +1,17 @@
+profile_id: grafana-core-current
+system_id: grafana
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18120:80
+baseline_urls:
+- http://127.0.0.1:18120/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/hapi/current.yaml

@@ -0,0 +1,17 @@
+profile_id: hapi-core-current
+system_id: hapi
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18518:80
+baseline_urls:
+- http://127.0.0.1:18518/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/haproxy/current.yaml

@@ -0,0 +1,17 @@
+profile_id: haproxy-core-current
+system_id: haproxy
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: false
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18179:80
+baseline_urls:
+- http://127.0.0.1:18179/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/jenkins/current.yaml

@@ -0,0 +1,17 @@
+profile_id: jenkins-core-current
+system_id: jenkins
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18154:80
+baseline_urls:
+- http://127.0.0.1:18154/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/joomla/current.yaml

@@ -0,0 +1,24 @@
+profile_id: joomla-core-current
+system_id: joomla
+version: current
+artifact_mode: official-image
+verification_mode: real
+browser_required: true
+services:
+  app:
+    image: joomla:latest
+    ports:
+    - 18082:80
+  db:
+    image: mariadb:10.11
+    environment:
+      MARIADB_DATABASE: joomla
+      MARIADB_USER: joomla
+      MARIADB_PASSWORD: joomla
+      MARIADB_ROOT_PASSWORD: root
+baseline_urls:
+- http://127.0.0.1:18082/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/kibana/current.yaml

@@ -0,0 +1,17 @@
+profile_id: kibana-core-current
+system_id: kibana
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18714:80
+baseline_urls:
+- http://127.0.0.1:18714/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/koa/current.yaml

@@ -0,0 +1,17 @@
+profile_id: koa-core-current
+system_id: koa
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18415:80
+baseline_urls:
+- http://127.0.0.1:18415/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/laravel/current.yaml

@@ -0,0 +1,17 @@
+profile_id: laravel-core-current
+system_id: laravel
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18143:80
+baseline_urls:
+- http://127.0.0.1:18143/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/magento-open-source/current.yaml

@@ -0,0 +1,17 @@
+profile_id: magento-open-source-core-current
+system_id: magento-open-source
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18628:80
+baseline_urls:
+- http://127.0.0.1:18628/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/mattermost/current.yaml

@@ -0,0 +1,17 @@
+profile_id: mattermost-core-current
+system_id: mattermost
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18504:80
+baseline_urls:
+- http://127.0.0.1:18504/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/mediawiki/current.yaml

@@ -0,0 +1,17 @@
+profile_id: mediawiki-core-current
+system_id: mediawiki
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18348:80
+baseline_urls:
+- http://127.0.0.1:18348/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/medusa/current.yaml

@@ -0,0 +1,17 @@
+profile_id: medusa-core-current
+system_id: medusa
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18739:80
+baseline_urls:
+- http://127.0.0.1:18739/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/moodle/current.yaml

@@ -0,0 +1,17 @@
+profile_id: moodle-core-current
+system_id: moodle
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18740:80
+baseline_urls:
+- http://127.0.0.1:18740/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/nestjs/current.yaml

@@ -0,0 +1,17 @@
+profile_id: nestjs-core-current
+system_id: nestjs
+version: current
+artifact_mode: synthetic
+verification_mode: synthetic
+browser_required: true
+services:
+  app:
+    image: nginxdemos/hello:latest
+    ports:
+    - 18763:80
+baseline_urls:
+- http://127.0.0.1:18763/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/nextjs/current.yaml

@@ -0,0 +1,17 @@
+profile_id: nextjs-core-current
+system_id: nextjs
+version: current
+artifact_mode: official-source
+verification_mode: real
+browser_required: true
+services:
+  app:
+    image: node:22-alpine
+    ports:
+    - 18090:3000
+baseline_urls:
+- http://127.0.0.1:18090/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/nginx/current.yaml

@@ -0,0 +1,17 @@
+profile_id: nginx-core-current
+system_id: nginx
+version: current
+artifact_mode: official-image
+verification_mode: real
+browser_required: false
+services:
+  app:
+    image: nginx:1.27-alpine
+    ports:
+    - 18086:80
+baseline_urls:
+- http://127.0.0.1:18086/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy

00-environments/profiles/core/nodejs/current.yaml

@@ -0,0 +1,17 @@
+profile_id: nodejs-core-current
+system_id: nodejs
+version: current
+artifact_mode: official-source
+verification_mode: real
+browser_required: false
+services:
+  app:
+    image: node:22-alpine
+    ports:
+    - 18089:3000
+baseline_urls:
+- http://127.0.0.1:18089/
+seed_actions:
+- kind: note
+  message: Use default seed strategy derived from repro profile.
+cleanup_policy: destroy