hao/websafe-kb
1
0
派生 0
代码 工单 合并请求 1 工作流 软件包 项目 发布 百科 活动

更新: 219 个文件 - 2026-03-16 23:45:01

浏览代码
这个提交包含在:
hao
2026-03-16 23:45:01 -07:00
父节点 2974cd9ad9
当前提交 17a26fa7d0
修改 219 个文件,包含 4507 行新增146 行删除
下载 Patch 文件 下载 Diff 文件 展开所有文件 折叠所有文件

4
08-threat-intel/generated/coverage-matrix.md
查看文件

@@ -21,7 +21,7 @@
| Flask | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Ghost | `cms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Gin | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Gitea | `platforms` | `rolling-24m` | `-` | `yes` | `37` | `37` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-03-03T04:57:57.697708Z` |
| Gitea | `platforms` | `rolling-24m` | `-` | `yes` | `37` | `37` | `3` | `seeded` | `real:0/synthetic:0/blocked:1` | `0` | `1` | `0` | `2026-03-03T04:57:57.697708Z` |
| GitLab CE | `platforms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Grafana | `platforms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Hapi | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
@@ -37,7 +37,7 @@
| Medusa | `ecommerce` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Moodle | `cms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| NestJS | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Next.js | `frameworks` | `history-full` | `yes` | `yes` | `26` | `26` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-03-13T22:14:13.665535Z` |
| Next.js | `frameworks` | `history-full` | `yes` | `yes` | `26` | `26` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `1` | `0` | `2026-03-13T22:14:13.665535Z` |
| Nginx | `servers` | `history-full` | `yes` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Node.js | `frameworks` | `history-full` | `yes` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
| Nuxt | `frameworks` | `history-full` | `yes` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |

74
08-threat-intel/generated/dashboard/runs.json
查看文件

@@ -1 +1,73 @@
[]
[
{
"run_id": "gitea-gitea--CVE-2025-68939-20260317063330",
"system_id": "gitea",
"advisory_id": "gitea--CVE-2025-68939",
"repro_profile_id": "file-upload-generic",
"verification_status": "blocked-artifact",
"verification_mode": "real",
"artifact_mode": "official-image",
"target_env": "local-docker",
"compose_services": [
"app"
],
"baseline_refs": [],
"attack_steps": [],
"browser_refs": [],
"container_log_refs": [],
"request_log_refs": [
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330/logs/attack.json",
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330/logs/baseline.json"
],
"timeline": [],
"started_at": "2026-03-17T06:33:30+00:00",
"finished_at": "2026-03-17T06:33:30+00:00",
"blocked_reason": "unable to get image 'gitea/gitea:1.22.6': Cannot connect to the Docker daemon at unix:///Users/x/.docker/run/docker.sock. Is the docker daemon running?",
"report_refs": {
"bundle_dir": "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330",
"report_md": "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330/report.md",
"report_html": "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330/report.html",
"timeline": "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330/timeline.mmd"
}
},
{
"run_id": "nextjs-nextjs--CVE-2025-29927-20260317063047",
"system_id": "nextjs",
"advisory_id": "nextjs--CVE-2025-29927",
"repro_profile_id": "authz-bypass-generic",
"verification_status": "triage-manual",
"verification_mode": "real",
"artifact_mode": "official-source",
"target_env": "local-docker",
"compose_services": [
"app"
],
"baseline_refs": [
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/logs/baseline.json"
],
"attack_steps": [
{
"kind": "note",
"tool": null,
"args": [],
"status": "planned"
}
],
"browser_refs": [],
"container_log_refs": [],
"request_log_refs": [
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/logs/attack.json",
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/logs/baseline.json"
],
"timeline": [],
"started_at": "2026-03-17T06:30:47+00:00",
"finished_at": "2026-03-17T06:30:47+00:00",
"blocked_reason": "dry-run only",
"report_refs": {
"bundle_dir": "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047",
"report_md": "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/report.md",
"report_html": "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/report.html",
"timeline": "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/timeline.mmd"
}
}
]

81
08-threat-intel/generated/dashboard/summary.json
查看文件

@@ -1,5 +1,80 @@
{
"run_count": 0,
"statuses": {},
"recent_runs": []
"run_count": 2,
"statuses": {
"blocked-artifact": 1,
"triage-manual": 1
},
"recent_runs": [
{
"run_id": "gitea-gitea--CVE-2025-68939-20260317063330",
"system_id": "gitea",
"advisory_id": "gitea--CVE-2025-68939",
"repro_profile_id": "file-upload-generic",
"verification_status": "blocked-artifact",
"verification_mode": "real",
"artifact_mode": "official-image",
"target_env": "local-docker",
"compose_services": [
"app"
],
"baseline_refs": [],
"attack_steps": [],
"browser_refs": [],
"container_log_refs": [],
"request_log_refs": [
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330/logs/attack.json",
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330/logs/baseline.json"
],
"timeline": [],
"started_at": "2026-03-17T06:33:30+00:00",
"finished_at": "2026-03-17T06:33:30+00:00",
"blocked_reason": "unable to get image 'gitea/gitea:1.22.6': Cannot connect to the Docker daemon at unix:///Users/x/.docker/run/docker.sock. Is the docker daemon running?",
"report_refs": {
"bundle_dir": "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330",
"report_md": "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330/report.md",
"report_html": "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330/report.html",
"timeline": "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260317063330/timeline.mmd"
}
},
{
"run_id": "nextjs-nextjs--CVE-2025-29927-20260317063047",
"system_id": "nextjs",
"advisory_id": "nextjs--CVE-2025-29927",
"repro_profile_id": "authz-bypass-generic",
"verification_status": "triage-manual",
"verification_mode": "real",
"artifact_mode": "official-source",
"target_env": "local-docker",
"compose_services": [
"app"
],
"baseline_refs": [
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/logs/baseline.json"
],
"attack_steps": [
{
"kind": "note",
"tool": null,
"args": [],
"status": "planned"
}
],
"browser_refs": [],
"container_log_refs": [],
"request_log_refs": [
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/logs/attack.json",
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/logs/baseline.json"
],
"timeline": [],
"started_at": "2026-03-17T06:30:47+00:00",
"finished_at": "2026-03-17T06:30:47+00:00",
"blocked_reason": "dry-run only",
"report_refs": {
"bundle_dir": "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047",
"report_md": "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/report.md",
"report_html": "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/report.html",
"timeline": "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/timeline.mmd"
}
}
]
}

4
08-threat-intel/generated/latest-ingest.md
查看文件

@@ -1,10 +1,10 @@
# 最新同步摘要
- 渲染时间: `2026-03-17T06:28:49+00:00`
- 渲染时间: `2026-03-17T06:35:58+00:00`
- 系统数量: `62`
- Advisory 数量: `89`
- 重点 Markdown 数量: `89`
- Run Bundle 数量: `0`
- Run Bundle 数量: `2`
- 新增记录: `0`
- 更新记录: `0`
- Triage 数量: `0`

4
08-threat-intel/generated/run-summary.json
查看文件

@@ -1,5 +1,5 @@
{
"generated_at": "2026-03-17T06:28:49+00:00",
"generated_at": "2026-03-17T06:35:58+00:00",
"system_count": 62,
"advisory_count": 89,
"markdown_count": 89,
@@ -7,7 +7,7 @@
"updated_count": 0,
"systems_touched": [],
"triage_count": 0,
"run_bundle_count": 0,
"run_bundle_count": 2,
"failures": [
"wordpress::NVD WordPress::SSLError",
"wordpress::WPScan Vulnerability Database::SSLError",