hao/websafe-kb
1
0
派生 0
代码 工单 合并请求 1 工作流 软件包 项目 发布 百科 活动

更新: 109 个文件 - 2026-03-18 10:55:52

浏览代码
这个提交包含在:
hao
2026-03-18 10:55:52 -07:00
父节点 1d5cb533e3
当前提交 1f9d9b1d16
修改 109 个文件,包含 10958 行新增1350 行删除
下载 Patch 文件 下载 Diff 文件 展开所有文件 折叠所有文件

215
08-threat-intel/generated/dashboard/docs/architecture-library.html
查看文件

@@ -87,7 +87,7 @@
<h1>当前架构库镜像</h1>
<div class="meta">工作台内置镜像页:当前架构库结构化数据镜像。</div>
<pre>{
&quot;generated_at&quot;: &quot;2026-03-18T14:45:55+00:00&quot;,
&quot;generated_at&quot;: &quot;2026-03-18T17:52:49+00:00&quot;,
&quot;title&quot;: &quot;当前架构库&quot;,
&quot;summary&quot;: &quot;工作台、控制面、数据层、授权边界与系统覆盖的当前真值视图。&quot;,
&quot;sections&quot;: [
@@ -119,7 +119,7 @@
},
{
&quot;label&quot;: &quot;当前漏洞条目&quot;,
&quot;value&quot;: &quot;5&quot;
&quot;value&quot;: &quot;0&quot;
}
],
&quot;fields&quot;: [
@@ -137,7 +137,7 @@
},
{
&quot;label&quot;: &quot;生成时间&quot;,
&quot;value&quot;: &quot;2026-03-18T14:45:55+00:00&quot;
&quot;value&quot;: &quot;2026-03-18T17:52:49+00:00&quot;
}
],
&quot;links&quot;: [
@@ -356,6 +356,16 @@
&quot;href&quot;: &quot;/docs/source-map.html&quot;,
&quot;description&quot;: &quot;系统覆盖、来源和输出目录真值。&quot;
},
{
&quot;label&quot;: &quot;source catalog audit&quot;,
&quot;href&quot;: &quot;/docs/source-catalog-audit.html&quot;,
&quot;description&quot;: &quot;active/retired source 审计、替代关系与覆盖摘要。&quot;
},
{
&quot;label&quot;: &quot;retired sources&quot;,
&quot;href&quot;: &quot;/docs/retired-sources.html&quot;,
&quot;description&quot;: &quot;退役源、退役原因与 replacement map。&quot;
},
{
&quot;label&quot;: &quot;repro-map 真值&quot;,
&quot;href&quot;: &quot;/docs/repro-map.html&quot;,
@@ -386,6 +396,21 @@
&quot;href&quot;: &quot;/data/completeness.json&quot;,
&quot;description&quot;: &quot;最新 advisory 完整度、系统/family 进度与 ingest 健康度。&quot;
},
{
&quot;label&quot;: &quot;source-health.json&quot;,
&quot;href&quot;: &quot;/data/source-health.json&quot;,
&quot;description&quot;: &quot;active source 健康度、系统分布与失败分类。&quot;
},
{
&quot;label&quot;: &quot;alerts.json&quot;,
&quot;href&quot;: &quot;/data/alerts.json&quot;,
&quot;description&quot;: &quot;source 告警状态机、failure streak 与 resolved 记录。&quot;
},
{
&quot;label&quot;: &quot;monitor-summary.json&quot;,
&quot;href&quot;: &quot;/data/monitor-summary.json&quot;,
&quot;description&quot;: &quot;每日监控摘要、open alerts 与最近全绿时间。&quot;
},
{
&quot;label&quot;: &quot;runs.json&quot;,
&quot;href&quot;: &quot;/runs.json&quot;,
@@ -410,6 +435,11 @@
&quot;label&quot;: &quot;architecture.json&quot;,
&quot;href&quot;: &quot;/architecture.json&quot;,
&quot;description&quot;: &quot;当前架构库结构化 JSON。&quot;
},
{
&quot;label&quot;: &quot;source-catalog-audit.json&quot;,
&quot;href&quot;: &quot;/data/source-catalog-audit.json&quot;,
&quot;description&quot;: &quot;source catalog 审计真值与 retired/replacement 关系。&quot;
}
],
&quot;fields&quot;: [
@@ -572,7 +602,7 @@
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;近两年全量&quot;,
&quot;官方源 2&quot;,
&quot;官方源 3&quot;,
&quot;生态源 0&quot;,
&quot;研究源 0&quot;
],
@@ -606,7 +636,7 @@
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;官方来源&quot;,
&quot;value&quot;: &quot;Discourse Meta Security\nGitHub Discourse Advisories&quot;
&quot;value&quot;: &quot;Discourse Meta Security\nDiscourse Release Notes RSS\nGitHub Discourse Advisories&quot;
},
{
&quot;label&quot;: &quot;生态来源&quot;,
@@ -658,7 +688,7 @@
&quot;badges&quot;: [
&quot;历史全量&quot;,
&quot;官方源 2&quot;,
&quot;生态源 1&quot;,
&quot;生态源 2&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -695,7 +725,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;Drupal Security Advisories Site&quot;
&quot;value&quot;: &quot;Drupal Security Advisories Site\nGHSA Drupal Core&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -1528,7 +1558,7 @@
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;近两年全量&quot;,
&quot;官方源 2&quot;,
&quot;官方源 4&quot;,
&quot;生态源 0&quot;,
&quot;研究源 0&quot;
],
@@ -1562,7 +1592,7 @@
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;官方来源&quot;,
&quot;value&quot;: &quot;Django Security RSS\nOSV Django&quot;
&quot;value&quot;: &quot;Django Security RSS\nDjango Security Weblog\nDjango Security Releases Archive\nOSV Django&quot;
},
{
&quot;label&quot;: &quot;生态来源&quot;,
@@ -4800,7 +4830,7 @@
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;近两年全量&quot;,
&quot;官方源 2&quot;,
&quot;官方源 3&quot;,
&quot;生态源 0&quot;,
&quot;研究源 0&quot;
],
@@ -4834,7 +4864,7 @@
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;官方来源&quot;,
&quot;value&quot;: &quot;HAProxy Security Advisories\nNVD HAProxy&quot;
&quot;value&quot;: &quot;HAProxy Security Advisories\nHAProxy Blog Feed\nNVD HAProxy&quot;
},
{
&quot;label&quot;: &quot;生态来源&quot;,
@@ -5076,8 +5106,8 @@
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;历史全量&quot;,
&quot;官方源 2&quot;,
&quot;生态源 1&quot;,
&quot;官方源 3&quot;,
&quot;生态源 2&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -5110,11 +5140,11 @@
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;官方来源&quot;,
&quot;value&quot;: &quot;Adobe Security Bulletins\nNVD Adobe Commerce&quot;
&quot;value&quot;: &quot;Adobe Security Bulletins\nAdobe Magento Security Index\nNVD Adobe Commerce&quot;
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;Sansec Research&quot;
&quot;value&quot;: &quot;GHSA Adobe Commerce\nSansec Research&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -5945,15 +5975,15 @@
},
{
&quot;label&quot;: &quot;Advisory 数&quot;,
&quot;value&quot;: &quot;5&quot;
&quot;value&quot;: &quot;0&quot;
},
{
&quot;label&quot;: &quot;状态类型&quot;,
&quot;value&quot;: &quot;1&quot;
&quot;value&quot;: &quot;0&quot;
},
{
&quot;label&quot;: &quot;最近失败&quot;,
&quot;value&quot;: &quot;5&quot;
&quot;value&quot;: &quot;0&quot;
}
],
&quot;items&quot;: [
@@ -5961,23 +5991,7 @@
&quot;title&quot;: &quot;状态分布&quot;,
&quot;summary&quot;: &quot;verification_status 当前计数。&quot;,
&quot;open&quot;: false,
&quot;items&quot;: [
{
&quot;title&quot;: &quot;人工分诊&quot;,
&quot;summary&quot;: &quot;当前累计 5 条。&quot;,
&quot;open&quot;: false,
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;状态编码&quot;,
&quot;value&quot;: &quot;triage-manual&quot;
},
{
&quot;label&quot;: &quot;数量&quot;,
&quot;value&quot;: &quot;5&quot;
}
]
}
]
&quot;items&quot;: []
},
{
&quot;title&quot;: &quot;最近失败&quot;,
@@ -5985,134 +5999,9 @@
&quot;open&quot;: false,
&quot;items&quot;: [
{
&quot;title&quot;: &quot;Next.js: Unbounded postponed resume buffering can lead to DoS&quot;,
&quot;summary&quot;: &quot;无额外阻塞说明&quot;,
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;人工分诊&quot;
],
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;运行 ID&quot;,
&quot;value&quot;: &quot;-&quot;
},
{
&quot;label&quot;: &quot;漏洞条目&quot;,
&quot;value&quot;: &quot;nextjs--CVE-2026-27979&quot;
},
{
&quot;label&quot;: &quot;状态&quot;,
&quot;value&quot;: &quot;人工分诊&quot;
},
{
&quot;label&quot;: &quot;阻塞原因&quot;,
&quot;value&quot;: &quot;-&quot;
}
]
},
{
&quot;title&quot;: &quot;Next.js: Unbounded next/image disk cache growth can exhaust storage&quot;,
&quot;summary&quot;: &quot;无额外阻塞说明。&quot;,
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;人工分诊&quot;
],
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;运行 ID&quot;,
&quot;value&quot;: &quot;-&quot;
},
{
&quot;label&quot;: &quot;漏洞条目&quot;,
&quot;value&quot;: &quot;nextjs--CVE-2026-27980&quot;
},
{
&quot;label&quot;: &quot;状态&quot;,
&quot;value&quot;: &quot;人工分诊&quot;
},
{
&quot;label&quot;: &quot;阻塞原因&quot;,
&quot;value&quot;: &quot;-&quot;
}
]
},
{
&quot;title&quot;: &quot;Next.js: HTTP request smuggling in rewrites&quot;,
&quot;summary&quot;: &quot;无额外阻塞说明。&quot;,
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;人工分诊&quot;
],
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;运行 ID&quot;,
&quot;value&quot;: &quot;-&quot;
},
{
&quot;label&quot;: &quot;漏洞条目&quot;,
&quot;value&quot;: &quot;nextjs--CVE-2026-29057&quot;
},
{
&quot;label&quot;: &quot;状态&quot;,
&quot;value&quot;: &quot;人工分诊&quot;
},
{
&quot;label&quot;: &quot;阻塞原因&quot;,
&quot;value&quot;: &quot;-&quot;
}
]
},
{
&quot;title&quot;: &quot;Next.js: null origin can bypass Server Actions CSRF checks&quot;,
&quot;summary&quot;: &quot;无额外阻塞说明。&quot;,
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;人工分诊&quot;
],
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;运行 ID&quot;,
&quot;value&quot;: &quot;-&quot;
},
{
&quot;label&quot;: &quot;漏洞条目&quot;,
&quot;value&quot;: &quot;nextjs--CVE-2026-27978&quot;
},
{
&quot;label&quot;: &quot;状态&quot;,
&quot;value&quot;: &quot;人工分诊&quot;
},
{
&quot;label&quot;: &quot;阻塞原因&quot;,
&quot;value&quot;: &quot;-&quot;
}
]
},
{
&quot;title&quot;: &quot;Next.js: null origin can bypass dev HMR websocket CSRF checks&quot;,
&quot;summary&quot;: &quot;无额外阻塞说明。&quot;,
&quot;open&quot;: false,
&quot;badges&quot;: [
&quot;人工分诊&quot;
],
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;运行 ID&quot;,
&quot;value&quot;: &quot;-&quot;
},
{
&quot;label&quot;: &quot;漏洞条目&quot;,
&quot;value&quot;: &quot;nextjs--CVE-2026-27977&quot;
},
{
&quot;label&quot;: &quot;状态&quot;,
&quot;value&quot;: &quot;人工分诊&quot;
},
{
&quot;label&quot;: &quot;阻塞原因&quot;,
&quot;value&quot;: &quot;-&quot;
}
]
&quot;title&quot;: &quot;暂无失败样本&quot;,
&quot;summary&quot;: &quot;当前 summary.json 中没有 recent_failures&quot;,
&quot;open&quot;: false
}
]
}