hao/websafe-kb
1
0
派生 0
代码 工单 合并请求 1 工作流 软件包 项目 发布 百科 活动

更新: 219 个文件 - 2026-03-16 23:45:01

浏览代码
这个提交包含在:
hao
2026-03-16 23:45:01 -07:00
父节点 2974cd9ad9
当前提交 17a26fa7d0
修改 219 个文件,包含 4507 行新增146 行删除
下载 Patch 文件 下载 Diff 文件 展开所有文件 折叠所有文件

4
08-threat-intel/generated/coverage-matrix.md
查看文件

@@ -21,7 +21,7 @@
| Flask | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Ghost | `cms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Gin | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Gitea | `platforms` | `rolling-24m` | `-` | `yes` | `37` | `37` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-03-03T04:57:57.697708Z` |
| Gitea | `platforms` | `rolling-24m` | `-` | `yes` | `37` | `37` | `3` | `seeded` | `real:0/synthetic:0/blocked:1` | `0` | `1` | `0` | `2026-03-03T04:57:57.697708Z` |
| GitLab CE | `platforms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Grafana | `platforms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Hapi | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
@@ -37,7 +37,7 @@
| Medusa | `ecommerce` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Moodle | `cms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| NestJS | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Next.js | `frameworks` | `history-full` | `yes` | `yes` | `26` | `26` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-03-13T22:14:13.665535Z` |
| Next.js | `frameworks` | `history-full` | `yes` | `yes` | `26` | `26` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `1` | `0` | `2026-03-13T22:14:13.665535Z` |
| Nginx | `servers` | `history-full` | `yes` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Node.js | `frameworks` | `history-full` | `yes` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Nuxt | `frameworks` | `history-full` | `yes` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |

74
08-threat-intel/generated/dashboard/runs.json
查看文件

@@ -1 +1,73 @@
[]
[
{
"run_id": "gitea-gitea--CVE-2025-68939-20260317063330",
"system_id": "gitea",
"advisory_id": "gitea--CVE-2025-68939",
"repro_profile_id": "file-upload-generic",
"verification_status": "blocked-artifact",
"verification_mode": "real",
"artifact_mode": "official-image",
"target_env": "local-docker",
"compose_services": [
"app"
],
"baseline_refs": [],
"attack_steps": [],
"browser_refs": [],
"container_log_refs": [],
"request_log_refs": [
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330/logs/attack.json",
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330/logs/baseline.json"
],
"timeline": [],
"started_at": "2026-03-17T06:33:30+00:00",
"finished_at": "2026-03-17T06:33:30+00:00",
"blocked_reason": "unable to get image 'gitea/gitea:1.22.6': Cannot connect to the Docker daemon at unix:///Users/x/.docker/run/docker.sock. Is the docker daemon running?",
"report_refs": {
"bundle_dir": "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330",
"report_md": "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330/report.md",
"report_html": "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330/report.html",
"timeline": "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330/timeline.mmd"
}
},
{
"run_id": "nextjs-nextjs--CVE-2025-29927-20260317063047",
"system_id": "nextjs",
"advisory_id": "nextjs--CVE-2025-29927",
"repro_profile_id": "authz-bypass-generic",
"verification_status": "triage-manual",
"verification_mode": "real",
"artifact_mode": "official-source",
"target_env": "local-docker",
"compose_services": [
"app"
],
"baseline_refs": [
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/logs/baseline.json"
],
"attack_steps": [
{
"kind": "note",
"tool": null,
"args": [],
"status": "planned"
}
],
"browser_refs": [],
"container_log_refs": [],
"request_log_refs": [
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/logs/attack.json",
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/logs/baseline.json"
],
"timeline": [],
"started_at": "2026-03-17T06:30:47+00:00",
"finished_at": "2026-03-17T06:30:47+00:00",
"blocked_reason": "dry-run only",
"report_refs": {
"bundle_dir": "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047",
"report_md": "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/report.md",
"report_html": "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/report.html",
"timeline": "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/timeline.mmd"
}
}
]

81
08-threat-intel/generated/dashboard/summary.json
查看文件

@@ -1,5 +1,80 @@
{
"run_count": 0,
"statuses": {},
"recent_runs": []
"run_count": 2,
"statuses": {
"blocked-artifact": 1,
"triage-manual": 1
},
"recent_runs": [
{
"run_id": "gitea-gitea--CVE-2025-68939-20260317063330",
"system_id": "gitea",
"advisory_id": "gitea--CVE-2025-68939",
"repro_profile_id": "file-upload-generic",
"verification_status": "blocked-artifact",
"verification_mode": "real",
"artifact_mode": "official-image",
"target_env": "local-docker",
"compose_services": [
"app"
],
"baseline_refs": [],
"attack_steps": [],
"browser_refs": [],
"container_log_refs": [],
"request_log_refs": [
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330/logs/attack.json",
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330/logs/baseline.json"
],
"timeline": [],
"started_at": "2026-03-17T06:33:30+00:00",
"finished_at": "2026-03-17T06:33:30+00:00",
"blocked_reason": "unable to get image 'gitea/gitea:1.22.6': Cannot connect to the Docker daemon at unix:///Users/x/.docker/run/docker.sock. Is the docker daemon running?",
"report_refs": {
"bundle_dir": "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330",
"report_md": "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330/report.md",
"report_html": "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330/report.html",
"timeline": "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330/timeline.mmd"
}
},
{
"run_id": "nextjs-nextjs--CVE-2025-29927-20260317063047",
"system_id": "nextjs",
"advisory_id": "nextjs--CVE-2025-29927",
"repro_profile_id": "authz-bypass-generic",
"verification_status": "triage-manual",
"verification_mode": "real",
"artifact_mode": "official-source",
"target_env": "local-docker",
"compose_services": [
"app"
],
"baseline_refs": [
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/logs/baseline.json"
],
"attack_steps": [
{
"kind": "note",
"tool": null,
"args": [],
"status": "planned"
}
],
"browser_refs": [],
"container_log_refs": [],
"request_log_refs": [
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/logs/attack.json",
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/logs/baseline.json"
],
"timeline": [],
"started_at": "2026-03-17T06:30:47+00:00",
"finished_at": "2026-03-17T06:30:47+00:00",
"blocked_reason": "dry-run only",
"report_refs": {
"bundle_dir": "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047",
"report_md": "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/report.md",
"report_html": "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/report.html",
"timeline": "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/timeline.mmd"
}
}
]
}

4
08-threat-intel/generated/latest-ingest.md
查看文件

@@ -1,10 +1,10 @@
# 最新同步摘要
- 渲染时间: `2026-03-17T06:28:49+00:00`
- 渲染时间: `2026-03-17T06:35:58+00:00`
- 系统数量: `62`
- Advisory 数量: `89`
- 重点 Markdown 数量: `89`
- Run Bundle 数量: `0`
- Run Bundle 数量: `2`
- 新增记录: `0`
- 更新记录: `0`
- Triage 数量: `0`

4
08-threat-intel/generated/run-summary.json
查看文件

@@ -1,5 +1,5 @@
{
"generated_at": "2026-03-17T06:28:49+00:00",
"generated_at": "2026-03-17T06:35:58+00:00",
"system_count": 62,
"advisory_count": 89,
"markdown_count": 89,
@@ -7,7 +7,7 @@
"updated_count": 0,
"systems_touched": [],
"triage_count": 0,
"run_bundle_count": 0,
"run_bundle_count": 2,
"failures": [
"wordpress::NVD WordPress::SSLError",
"wordpress::WPScan Vulnerability Database::SSLError",

14
08-threat-intel/registry/advisories/gitea--CVE-2025-68939.json
查看文件

@@ -49,19 +49,19 @@
],
"status": "generated",
"triage_reasons": [],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"verification_status": "blocked-artifact",
"verification_mode": "real",
"last_verified_at": "2026-03-17T06:33:30+00:00",
"last_run_id": "gitea-gitea--CVE-2025-68939-20260317063330",
"evidence_bundle": "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330",
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "file-upload-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"artifact_mode": "official-image",
"blocked_reason": "unable to get image 'gitea/gitea:1.22.6': Cannot connect to the Docker daemon at unix:///Users/x/.docker/run/docker.sock. Is the docker daemon running?",
"metadata": {
"source_names": [
"OSV Gitea"

12
08-threat-intel/registry/advisories/nextjs--CVE-2025-29927.json
查看文件

@@ -61,18 +61,18 @@
"status": "generated",
"triage_reasons": [],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"verification_mode": "real",
"last_verified_at": "2026-03-17T06:30:47+00:00",
"last_run_id": "nextjs-nextjs--CVE-2025-29927-20260317063047",
"evidence_bundle": "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047",
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "authz-bypass-generic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"artifact_mode": "official-source",
"blocked_reason": "dry-run only",
"metadata": {
"source_names": [
"OSV Next.js"

31
08-threat-intel/registry/runs/gitea-gitea--CVE-2025-68939-20260317063330.json 普通文件
查看文件

@@ -0,0 +1,31 @@
{
"run_id": "gitea-gitea--CVE-2025-68939-20260317063330",
"system_id": "gitea",
"advisory_id": "gitea--CVE-2025-68939",
"repro_profile_id": "file-upload-generic",
"verification_status": "blocked-artifact",
"verification_mode": "real",
"artifact_mode": "official-image",
"target_env": "local-docker",
"compose_services": [
"app"
],
"baseline_refs": [],
"attack_steps": [],
"browser_refs": [],
"container_log_refs": [],
"request_log_refs": [
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330/logs/attack.json",
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330/logs/baseline.json"
],
"timeline": [],
"started_at": "2026-03-17T06:33:30+00:00",
"finished_at": "2026-03-17T06:33:30+00:00",
"blocked_reason": "unable to get image 'gitea/gitea:1.22.6': Cannot connect to the Docker daemon at unix:///Users/x/.docker/run/docker.sock. Is the docker daemon running?",
"report_refs": {
"bundle_dir": "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330",
"report_md": "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330/report.md",
"report_html": "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330/report.html",
"timeline": "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330/timeline.mmd"
}
}

40
08-threat-intel/registry/runs/nextjs-nextjs--CVE-2025-29927-20260317063047.json 普通文件
查看文件

@@ -0,0 +1,40 @@
{
"run_id": "nextjs-nextjs--CVE-2025-29927-20260317063047",
"system_id": "nextjs",
"advisory_id": "nextjs--CVE-2025-29927",
"repro_profile_id": "authz-bypass-generic",
"verification_status": "triage-manual",
"verification_mode": "real",
"artifact_mode": "official-source",
"target_env": "local-docker",
"compose_services": [
"app"
],
"baseline_refs": [
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/logs/baseline.json"
],
"attack_steps": [
{
"kind": "note",
"tool": null,
"args": [],
"status": "planned"
}
],
"browser_refs": [],
"container_log_refs": [],
"request_log_refs": [
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/logs/attack.json",
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/logs/baseline.json"
],
"timeline": [],
"started_at": "2026-03-17T06:30:47+00:00",
"finished_at": "2026-03-17T06:30:47+00:00",
"blocked_reason": "dry-run only",
"report_refs": {
"bundle_dir": "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047",
"report_md": "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/report.md",
"report_html": "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/report.html",
"timeline": "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/timeline.mmd"
}
}

4
08-threat-intel/registry/systems/gitea.json
查看文件

@@ -15,8 +15,8 @@
],
"verified_real": 0,
"verified_synthetic": 0,
"blocked_count": 0,
"manual_count": 37,
"blocked_count": 1,
"manual_count": 36,
"items": [
"gitea--CVE-2026-0798",
"gitea--CVE-2026-20736",

745
08-threat-intel/repro-map.yaml 普通文件
查看文件

@@ -0,0 +1,745 @@
systems:
- system_id: wordpress
default_repro_family: xss-generic
provisioning_mode_preference:
- official-image
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: drupal
default_repro_family: xss-generic
provisioning_mode_preference:
- official-image
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: joomla
default_repro_family: xss-generic
provisioning_mode_preference:
- official-image
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: ghost
default_repro_family: xss-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: strapi
default_repro_family: file-upload-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: directus
default_repro_family: file-upload-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: mediawiki
default_repro_family: xss-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: moodle
default_repro_family: xss-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: discourse
default_repro_family: xss-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: adobe-commerce
default_repro_family: xss-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: magento-open-source
default_repro_family: file-upload-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: openmage
default_repro_family: plugin-extension-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: woocommerce
default_repro_family: xss-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: prestashop
default_repro_family: file-upload-generic
provisioning_mode_preference:
- official-image
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: shopware
default_repro_family: file-upload-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: opencart
default_repro_family: file-upload-generic
provisioning_mode_preference:
- official-image
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: saleor
default_repro_family: session-token-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: medusa
default_repro_family: session-token-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: react
default_repro_family: xss-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: nextjs
default_repro_family: proxy-boundary-generic
provisioning_mode_preference:
- official-source
- synthetic
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: vue
default_repro_family: xss-generic
provisioning_mode_preference:
- official-source
- synthetic
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: nuxt
default_repro_family: proxy-boundary-generic
provisioning_mode_preference:
- official-source
- synthetic
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: vite
default_repro_family: proxy-boundary-generic
provisioning_mode_preference:
- official-source
- synthetic
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: angular
default_repro_family: xss-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: sveltekit
default_repro_family: session-token-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: astro
default_repro_family: authz-bypass-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: express
default_repro_family: xss-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: nestjs
default_repro_family: ssrf-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: koa
default_repro_family: proxy-boundary-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: fastify
default_repro_family: xss-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: hapi
default_repro_family: proxy-boundary-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: nodejs
default_repro_family: ssrf-generic
provisioning_mode_preference:
- official-source
- synthetic
- synthetic
browser_required_default: false
seed_strategy: minimal-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: undici
default_repro_family: proxy-boundary-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: webpack
default_repro_family: file-upload-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: esbuild
default_repro_family: file-upload-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: spring-framework
default_repro_family: deserialization-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: spring-security
default_repro_family: proxy-boundary-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: spring-boot
default_repro_family: proxy-boundary-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: laravel
default_repro_family: xss-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: symfony
default_repro_family: xss-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: django
default_repro_family: xss-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: flask
default_repro_family: xss-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: werkzeug
default_repro_family: proxy-boundary-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: rails
default_repro_family: xss-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: aspnet-core
default_repro_family: xss-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: gin
default_repro_family: xss-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: echo
default_repro_family: proxy-boundary-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: nginx
default_repro_family: proxy-boundary-generic
provisioning_mode_preference:
- official-image
- official-source
- synthetic
browser_required_default: false
seed_strategy: minimal-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: apache-httpd
default_repro_family: proxy-boundary-generic
provisioning_mode_preference:
- official-image
- official-source
- synthetic
browser_required_default: false
seed_strategy: minimal-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: apache-tomcat
default_repro_family: authz-bypass-generic
provisioning_mode_preference:
- official-image
- official-source
- synthetic
browser_required_default: false
seed_strategy: minimal-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: caddy
default_repro_family: proxy-boundary-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: false
seed_strategy: minimal-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: traefik
default_repro_family: proxy-boundary-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: false
seed_strategy: minimal-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: haproxy
default_repro_family: proxy-boundary-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: false
seed_strategy: minimal-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: phpmyadmin
default_repro_family: xss-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: adminer
default_repro_family: xss-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: gitea
default_repro_family: proxy-boundary-generic
provisioning_mode_preference:
- official-image
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: gitlab-ce
default_repro_family: deserialization-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: jenkins
default_repro_family: deserialization-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: grafana
default_repro_family: xss-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: kibana
default_repro_family: xss-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: mattermost
default_repro_family: xss-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report
- system_id: redmine
default_repro_family: xss-generic
provisioning_mode_preference:
- synthetic
- official-source
- synthetic
browser_required_default: true
seed_strategy: default-seed
log_collectors:
- docker-logs
- http-snapshot
report_template: default-lab-report