hao/websafe-kb
1
0
派生 0
代码 工单 合并请求 1 工作流 软件包 项目 发布 百科 活动

更新: 109 个文件 - 2026-03-18 10:55:52

浏览代码
这个提交包含在:
hao
2026-03-18 10:55:52 -07:00
父节点 1d5cb533e3
当前提交 1f9d9b1d16
修改 109 个文件,包含 10958 行新增1350 行删除
下载 Patch 文件 下载 Diff 文件 展开所有文件 折叠所有文件

177
08-threat-intel/source-map.yaml
查看文件

@@ -86,6 +86,17 @@ systems:
advisory_mode: module
keywords: [drupal, module, sa-contrib]
max_items: 50
status: retired
retired_reason: Drupal security index page became unstable for repeated HTML scraping; RSS + GHSA replacement is used for active monitoring.
replacement_sources: [Drupal Security Advisories RSS, GHSA Drupal Core]
- name: GHSA Drupal Core
kind: ghsa-global
ecosystem: composer
confidence: ecosystem-authority
advisory_mode: core
status: retired
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; RSS and NVD remain active replacements.
replacement_sources: [Drupal Security Advisories RSS, NVD Drupal]
research_sources: []
package_names:
- ecosystem: composer
@@ -237,6 +248,9 @@ systems:
advisory_mode: core
keywords: [mediawiki, security]
max_items: 50
status: retired
retired_reason: MediaWiki security page is no longer reachable reliably from the collector path; NVD replacement remains active.
replacement_sources: [NVD MediaWiki]
- name: NVD MediaWiki
kind: nvd-search
keyword: MediaWiki
@@ -267,6 +281,9 @@ systems:
advisory_mode: core
keywords: [moodle, security]
max_items: 50
status: retired
retired_reason: Moodle security page returned repeated 403 responses from the collector path; NVD replacement remains active.
replacement_sources: [NVD Moodle]
- name: NVD Moodle
kind: nvd-search
keyword: Moodle
@@ -297,13 +314,24 @@ systems:
advisory_mode: core
keywords: [discourse, security]
max_items: 50
- name: GitHub Discourse Advisories
kind: html-links
url: https://github.com/discourse/discourse/security/advisories
status: retired
retired_reason: Meta security category HTML changed and no longer provides stable scrape semantics for health checks.
replacement_sources: [Discourse Release Notes RSS, GitHub Discourse Advisories]
- name: Discourse Release Notes RSS
kind: rss-feed
url: https://meta.discourse.org/tag/release-notes.rss
confidence: official
advisory_mode: core
keywords: [discourse]
max_items: 50
keywords: [discourse, security, cve]
max_items: 60
- name: GitHub Discourse Advisories
kind: ghsa-global
ecosystem: rubygems
confidence: official
advisory_mode: core
status: retired
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Discourse release feed remains the active official source.
replacement_sources: [Discourse Release Notes RSS]
ecosystem_sources: []
research_sources: []
package_names:
@@ -330,6 +358,24 @@ systems:
advisory_mode: core
keywords: [adobe commerce, magento, apsb]
max_items: 60
status: retired
retired_reason: Original bulletin index probe was unstable under the old transport path; vendor index replacement uses explicit request policy and parser hints.
replacement_sources: [Adobe Magento Security Index, NVD Adobe Commerce, GHSA Adobe Commerce]
- name: Adobe Magento Security Index
kind: vendor-index
url: https://helpx.adobe.com/security/products/magento.html
confidence: official
advisory_mode: core
keywords: [adobe commerce, magento, apsb, security]
max_items: 60
request_policy:
user_agent: python-requests/2.31.0
timeout_seconds: 45
verify_tls: false
http_version: "1.1"
parser_hints:
keywords: [adobe commerce, magento, apsb, security]
include_url_patterns: [magento, security, APSB]
- name: NVD Adobe Commerce
kind: nvd-search
keyword: Adobe Commerce
@@ -337,13 +383,24 @@ systems:
advisory_mode: core
results_per_page: 50
ecosystem_sources:
- name: GHSA Adobe Commerce
kind: ghsa-global
ecosystem: composer
confidence: ecosystem-authority
advisory_mode: core
status: retired
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Adobe index and NVD remain active replacements.
replacement_sources: [Adobe Magento Security Index, NVD Adobe Commerce]
- name: Sansec Research
kind: html-links
kind: vendor-index
url: https://sansec.io/research
confidence: ecosystem-authority
advisory_mode: extension
keywords: [magento, adobe commerce]
max_items: 50
status: retired
retired_reason: Research index is too slow for daily active monitoring; GHSA Adobe Commerce provides a stable machine-readable replacement.
replacement_sources: [GHSA Adobe Commerce, Adobe Magento Security Index]
research_sources: []
package_names:
- ecosystem: composer
@@ -669,6 +726,9 @@ systems:
name: GitHub Global Advisories
confidence: official
advisory_mode: core
status: retired
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; GitHub React Advisories and OSV React remain active replacements.
replacement_sources: [GitHub React Advisories, OSV React]
- name: OSV React
kind: osv-batch
confidence: official
@@ -707,6 +767,9 @@ systems:
name: GitHub Global Advisories
confidence: official
advisory_mode: core
status: retired
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; GitHub Next.js Advisories and OSV Next.js remain active replacements.
replacement_sources: [GitHub Next.js Advisories, OSV Next.js]
- name: OSV Next.js
kind: osv-batch
confidence: official
@@ -743,6 +806,9 @@ systems:
name: GitHub Global Advisories
confidence: official
advisory_mode: core
status: retired
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Vue Security and OSV Vue remain active replacements.
replacement_sources: [Vue Security, OSV Vue]
- name: OSV Vue
kind: osv-batch
confidence: official
@@ -781,6 +847,9 @@ systems:
name: GitHub Global Advisories
confidence: official
advisory_mode: core
status: retired
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Nuxt Security and OSV Nuxt remain active replacements.
replacement_sources: [Nuxt Security, OSV Nuxt]
- name: OSV Nuxt
kind: osv-batch
confidence: official
@@ -817,6 +886,9 @@ systems:
name: GitHub Global Advisories
confidence: official
advisory_mode: core
status: retired
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Vite Security and OSV Vite remain active replacements.
replacement_sources: [Vite Security, OSV Vite]
- name: OSV Vite
kind: osv-batch
confidence: official
@@ -846,6 +918,9 @@ systems:
name: GitHub Global Advisories
confidence: official
advisory_mode: core
status: retired
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Angular remains the active replacement source.
replacement_sources: [OSV Angular]
- name: OSV Angular
kind: osv-batch
confidence: official
@@ -877,6 +952,9 @@ systems:
name: GitHub Global Advisories
confidence: official
advisory_mode: core
status: retired
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV SvelteKit remains the active replacement source.
replacement_sources: [OSV SvelteKit]
- name: OSV SvelteKit
kind: osv-batch
confidence: official
@@ -906,6 +984,9 @@ systems:
name: GitHub Global Advisories
confidence: official
advisory_mode: core
status: retired
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Astro remains the active replacement source.
replacement_sources: [OSV Astro]
- name: OSV Astro
kind: osv-batch
confidence: official
@@ -935,6 +1016,9 @@ systems:
name: GitHub Global Advisories
confidence: official
advisory_mode: core
status: retired
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Express remains the active replacement source.
replacement_sources: [OSV Express]
- name: OSV Express
kind: osv-batch
confidence: official
@@ -964,6 +1048,9 @@ systems:
name: GitHub Global Advisories
confidence: official
advisory_mode: core
status: retired
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV NestJS remains the active replacement source.
replacement_sources: [OSV NestJS]
- name: OSV NestJS
kind: osv-batch
confidence: official
@@ -993,6 +1080,9 @@ systems:
name: GitHub Global Advisories
confidence: official
advisory_mode: core
status: retired
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Koa remains the active replacement source.
replacement_sources: [OSV Koa]
- name: OSV Koa
kind: osv-batch
confidence: official
@@ -1022,6 +1112,9 @@ systems:
name: GitHub Global Advisories
confidence: official
advisory_mode: core
status: retired
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Fastify remains the active replacement source.
replacement_sources: [OSV Fastify]
- name: OSV Fastify
kind: osv-batch
confidence: official
@@ -1051,6 +1144,9 @@ systems:
name: GitHub Global Advisories
confidence: official
advisory_mode: core
status: retired
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Hapi remains the active replacement source.
replacement_sources: [OSV Hapi]
- name: OSV Hapi
kind: osv-batch
confidence: official
@@ -1110,6 +1206,9 @@ systems:
name: GitHub Global Advisories
confidence: official
advisory_mode: core
status: retired
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Undici remains the active replacement source.
replacement_sources: [OSV Undici]
- name: OSV Undici
kind: osv-batch
confidence: official
@@ -1139,6 +1238,9 @@ systems:
name: GitHub Global Advisories
confidence: official
advisory_mode: core
status: retired
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV webpack remains the active replacement source.
replacement_sources: [OSV webpack]
- name: OSV webpack
kind: osv-batch
confidence: official
@@ -1168,6 +1270,9 @@ systems:
name: GitHub Global Advisories
confidence: official
advisory_mode: core
status: retired
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV esbuild remains the active replacement source.
replacement_sources: [OSV esbuild]
- name: OSV esbuild
kind: osv-batch
confidence: official
@@ -1204,6 +1309,9 @@ systems:
name: GitHub Global Advisories
confidence: official
advisory_mode: core
status: retired
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Spring Security Advisories remains the active replacement source.
replacement_sources: [Spring Security Advisories]
ecosystem_sources: []
research_sources: []
package_names:
@@ -1238,6 +1346,9 @@ systems:
name: GitHub Global Advisories
confidence: official
advisory_mode: core
status: retired
retired_reason: Unauthenticated GitHub advisory API is quota-limited; Spring official security page remains the active source.
replacement_sources: [Spring Security Advisories]
ecosystem_sources: []
research_sources: []
package_names:
@@ -1270,6 +1381,9 @@ systems:
name: GitHub Global Advisories
confidence: official
advisory_mode: core
status: retired
retired_reason: Unauthenticated GitHub advisory API is quota-limited; Spring official security page remains the active source.
replacement_sources: [Spring Security Advisories]
ecosystem_sources: []
research_sources: []
package_names:
@@ -1295,6 +1409,9 @@ systems:
name: GitHub Global Advisories
confidence: official
advisory_mode: core
status: retired
retired_reason: Unauthenticated GitHub advisory API is quota-limited; OSV Laravel remains the active machine-readable source.
replacement_sources: [OSV Laravel]
- name: OSV Laravel
kind: osv-batch
confidence: official
@@ -1324,6 +1441,9 @@ systems:
name: GitHub Global Advisories
confidence: official
advisory_mode: core
status: retired
retired_reason: Unauthenticated GitHub advisory API is quota-limited; OSV Symfony remains the active machine-readable source.
replacement_sources: [OSV Symfony]
- name: OSV Symfony
kind: osv-batch
confidence: official
@@ -1356,6 +1476,29 @@ systems:
advisory_mode: core
keywords: [django]
max_items: 60
status: retired
retired_reason: Official security tag feed became unstable; use official weblog index and release archive instead.
replacement_sources: [Django Security Weblog, Django Security Releases Archive]
- name: Django Security Weblog
kind: vendor-index
url: https://www.djangoproject.com/weblog/
confidence: official
advisory_mode: core
keywords: [django, security, release]
max_items: 60
parser_hints:
keywords: [django, security, release]
include_url_patterns: [/weblog/]
- name: Django Security Releases Archive
kind: vendor-index
url: https://docs.djangoproject.com/en/dev/releases/security/
confidence: official
advisory_mode: core
keywords: [django, security]
max_items: 40
parser_hints:
keywords: [django, security]
include_url_patterns: [/releases/security/]
- name: OSV Django
kind: osv-batch
confidence: official
@@ -1389,6 +1532,9 @@ systems:
name: GitHub Global Advisories
confidence: official
advisory_mode: core
status: retired
retired_reason: Unauthenticated GitHub advisory API is quota-limited; OSV Flask remains the active machine-readable source.
replacement_sources: [OSV Flask]
ecosystem_sources: []
research_sources: []
package_names:
@@ -1418,6 +1564,9 @@ systems:
name: GitHub Global Advisories
confidence: official
advisory_mode: core
status: retired
retired_reason: Unauthenticated GitHub advisory API is quota-limited; OSV Werkzeug remains the active machine-readable source.
replacement_sources: [OSV Werkzeug]
ecosystem_sources: []
research_sources: []
package_names:
@@ -1443,6 +1592,9 @@ systems:
name: GitHub Global Advisories
confidence: official
advisory_mode: core
status: retired
retired_reason: Unauthenticated GitHub advisory API is quota-limited; OSV Rails remains the active machine-readable source.
replacement_sources: [OSV Rails]
- name: OSV Rails
kind: osv-batch
confidence: official
@@ -1710,6 +1862,16 @@ systems:
advisory_mode: server
keywords: [haproxy, security]
max_items: 50
status: retired
retired_reason: Legacy haproxy.org security page no longer yields stable scrape results for monitoring.
replacement_sources: [HAProxy Blog Feed]
- name: HAProxy Blog Feed
kind: rss-feed
url: https://www.haproxy.com/feed/
confidence: official
advisory_mode: server
keywords: [haproxy, security, cve]
max_items: 40
- name: NVD HAProxy
kind: nvd-search
keyword: HAProxy
@@ -1953,6 +2115,9 @@ systems:
advisory_mode: core
keywords: [mattermost]
max_items: 50
status: retired
retired_reason: Mattermost security updates page returned repeated 403 responses from the collector path; NVD replacement remains active.
replacement_sources: [NVD Mattermost]
- name: NVD Mattermost
kind: nvd-search
keyword: Mattermost