Update: 103 files - 2026-03-18 19:24:37

This commit is contained in:
hao
2026-03-18 19:24:37 -07:00
Parent 8e13fcfbe0
Commit 9b0d72b112
103 changed files with 8985 additions and 1381 deletions

View file

@@ -37,7 +37,7 @@
| Medusa | `ecommerce` | `rolling-24m` | `-` | `yes` | `15` | `0` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `15` | `` |
| Moodle | `cms` | `rolling-24m` | `-` | `yes` | `40` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `40` | `2025-04-09T00:30:58.490` |
| NestJS | `frameworks` | `rolling-24m` | `-` | `yes` | `2` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `2` | `2026-03-02T20:30:10.923` |
| Next.js | `frameworks` | `history-full` | `yes` | `yes` | `66` | `41` | `3` | `seeded` | `real:26/synthetic:0/blocked:0` | `21` | `26` | `25` | `2026-03-17T16:31:34.160932Z` |
| Next.js | `frameworks` | `history-full` | `yes` | `yes` | `66` | `41` | `3` | `seeded` | `real:26/synthetic:0/blocked:0` | `21` | `26` | `25` | `2026-03-18T22:02:16.858114Z` |
| Nginx | `servers` | `history-full` | `yes` | `yes` | `110` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `110` | `2025-08-12T17:24:44.367` |
| Node.js | `frameworks` | `history-full` | `yes` | `yes` | `8` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `8` | `2025-01-21` |
| Nuxt | `frameworks` | `history-full` | `yes` | `yes` | `28` | `5` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `23` | `2025-09-18T13:04:21Z` |
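Review bot: The only difference between the two Next.js rows is the last column (`2026-03-17T16:31:34.160932Z` to `2026-03-18T22:02:16.858114Z`); every count column (`66`, `41`, `real:26/synthetic:0/blocked:0`, `21`, `26`, `25`) is identical, so this is a timestamp-only refresh. While here, note that the column mixes formats across rows: `2025-01-21` (Node.js), zone-less `2025-04-09T00:30:58.490` (Moodle), and full RFC 3339 with `Z` (Next.js, Nuxt). Emitting one format from the generator would make the column sort correctly and avoid zone ambiguity in the `.490`-style values.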
@@ -57,7 +57,7 @@
| SvelteKit | `frameworks` | `rolling-24m` | `-` | `yes` | `3` | `3` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-02-28T06:27:26.115188Z` |
| Symfony | `frameworks` | `rolling-24m` | `-` | `yes` | `9` | `9` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-03-13T22:16:14.858636Z` |
| Traefik | `servers` | `rolling-24m` | `-` | `yes` | `43` | `0` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `27` | `2026-03-18T13:59:10.423590Z` |
| Undici | `frameworks` | `rolling-24m` | `-` | `yes` | `16` | `15` | `2` | `seeded` | `real:7/synthetic:0/blocked:0` | `0` | `7` | `1` | `2026-03-14T09:19:54.772219Z` |
| Undici | `frameworks` | `rolling-24m` | `-` | `yes` | `16` | `15` | `2` | `seeded` | `real:7/synthetic:0/blocked:0` | `0` | `7` | `1` | `2026-03-18T23:58:57.714731Z` |
| Vite | `frameworks` | `history-full` | `yes` | `yes` | `42` | `16` | `3` | `seeded` | `real:12/synthetic:0/blocked:0` | `12` | `12` | `26` | `2026-02-04T04:37:24.129476Z` |
| Vue | `frameworks` | `history-full` | `yes` | `yes` | `15` | `1` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `14` | `2024-10-24T19:12:14.925352Z` |
| webpack | `frameworks` | `rolling-24m` | `-` | `yes` | `1` | `0` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `1` | `2026-02-27T17:21:22.370` |
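Review bot: Same timestamp-only refresh for the Undici row (`2026-03-14T09:19:54.772219Z` to `2026-03-18T23:58:57.714731Z`) with all counts unchanged (`16`, `15`, `real:7/synthetic:0/blocked:0`, `0`, `7`, `1`). Since the later hunks of this commit change the `severity` field of several Undici records, it is worth confirming that none of these summary columns is severity-derived; if one is, the row should have changed here too. The `webpack` row's zone-less `2026-02-27T17:21:22.370` shows the same format inconsistency flagged on the previous hunk.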

View file

@@ -2698,6 +2698,278 @@
"refs": []
}
},
"undici--CVE-2026-2581": {
"canonical_id": "undici--CVE-2026-2581",
"title": "Undici has Unbounded Memory Consumption in its DeduplicationHandler via Response Buffering that leads to DoS",
"summary": "## Impact\nThis is an uncontrolled resource consumption vulnerability (CWE-400) that can lead to Denial of Service (DoS).\n\nIn vulnerable Undici versions, when `interceptors.deduplicate()` is enabled, response data for deduplicated requests could be accumulated in memory for downstream handlers. An attacker-controlled or untrusted upstream endpoint can exploit this with large/chunked responses and concurrent identical requests, causing high memory usage and potential OOM process termination.\n\nImpacted users are applications that use Undici\u2019s deduplication interceptor against endpoints that may produce large or long-lived response bodies.\n\n## Patches\n\nThe issue has been patched by changing deduplication behavior to stream response chunks to downstream handlers as they arrive (instead of full-body accumulation), and by preventing late deduplication when body streaming has already started.\n\nUsers should upgrade to the first official Undici (and Node.js, where applicable) releases that include this patch.\n\n## Workarounds\nIf upgrading immediately is not possible:\n\n- Disable `interceptors.deduplicate()` for affected clients/routes.\n- Use `skipHeaderNames` with a marker header to force high-risk requests to bypass deduplication.\n- Avoid concurrent identical requests to untrusted endpoints that may return very large/chunked bodies.\n- Apply upstream/proxy response-size and timeout limits.",
"display_name": "Undici",
"system_id": "undici",
"category": "frameworks",
"severity": "low",
"cvss_score": 3.1,
"exploit_status": "unknown",
"published_at": "2026-03-13T20:37:58Z",
"updated_at": "2026-03-18T23:58:57.714731Z",
"official_source_url": "https://github.com/nodejs/undici/security/advisories/GHSA-phc3-fgpg-7m6h",
"secondary_source_urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2026-2581",
"https://hackerone.com/reports/3513473",
"https://cna.openjsf.org/security-advisories.html",
"https://github.com/nodejs/undici"
],
"aliases": [
"CVE-2026-2581",
"GHSA-phc3-fgpg-7m6h"
],
"secure_code_topics": [
"ssrf-url-validation",
"proxy-trust-boundary"
],
"verification_status": "verified-real",
"verification_mode": "real",
"artifact_mode": "local-fixture",
"blocked_reason": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
}
},
"undici--CVE-2026-1526": {
"canonical_id": "undici--CVE-2026-1526",
"title": "Undici has Unbounded Memory Consumption in WebSocket permessage-deflate Decompression",
"summary": "## Description\n\nThe undici WebSocket client is vulnerable to a denial-of-service attack via unbounded memory consumption during permessage-deflate decompression. When a WebSocket connection negotiates the permessage-deflate extension, the client decompresses incoming compressed frames without enforcing any limit on the decompressed data size. A malicious WebSocket server can send a small compressed frame (a \"decompression bomb\") that expands to an extremely large size in memory, causing the Node.js process to exhaust available memory and crash or become unresponsive.\n\nThe vulnerability exists in the `PerMessageDeflate.decompress()` method, which accumulates all decompressed chunks in memory and concatenates them into a single Buffer without checking whether the total size exceeds a safe threshold.\n\n## Impact\n\n- Remote denial of service against any Node.js application using undici's WebSocket client\n- A single compressed WebSocket frame of ~6 MB can decompress to ~1 GB or more\n- Memory exhaustion occurs in native/external memory, bypassing V8 heap limits\n- No application-level mitigation is possible as decompression occurs before message delivery\n\n### Patches\n\nUsers should upgrade to fixed versions.\n\n### Workarounds\n\nNo workaround are possible.",
"display_name": "Undici",
"system_id": "undici",
"category": "frameworks",
"severity": "low",
"cvss_score": 3.1,
"exploit_status": "unknown",
"published_at": "2026-03-13T20:41:56Z",
"updated_at": "2026-03-18T22:58:59.936049Z",
"official_source_url": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q",
"secondary_source_urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2026-1526",
"https://hackerone.com/reports/3481206",
"https://cna.openjsf.org/security-advisories.html",
"https://datatracker.ietf.org/doc/html/rfc7692",
"https://github.com/nodejs/undici",
"https://owasp.org/www-community/attacks/Denial_of_Service"
],
"aliases": [
"CVE-2026-1526",
"GHSA-vrm6-8vpv-qv8q"
],
"secure_code_topics": [
"ssrf-url-validation",
"proxy-trust-boundary",
"plugin-extension-trust-policy"
],
"verification_status": "verified-real",
"verification_mode": "real",
"artifact_mode": "local-fixture",
"blocked_reason": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
}
},
"undici--CVE-2026-1528": {
"canonical_id": "undici--CVE-2026-1528",
"title": "Undici: Malicious WebSocket 64-bit length overflows parser and crashes the client",
"summary": "### Impact\nA server can reply with a WebSocket frame using the 64-bit length form and an extremely large length. undici's ByteParser overflows internal math, ends up in an invalid state, and throws a fatal TypeError that terminates the process. \n\n### Patches\n\n\n Patched in the undici version v7.24.0 and v6.24.0. Users should upgrade to this version or later.\n\n### Workarounds\n\nThere are no workarounds.",
"display_name": "Undici",
"system_id": "undici",
"category": "frameworks",
"severity": "low",
"cvss_score": 3.1,
"exploit_status": "unknown",
"published_at": "2026-03-13T20:07:26Z",
"updated_at": "2026-03-18T22:58:59.863318Z",
"official_source_url": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj",
"secondary_source_urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2026-1528",
"https://hackerone.com/reports/3537648",
"https://cna.openjsf.org/security-advisories.html",
"https://github.com/nodejs/undici"
],
"aliases": [
"CVE-2026-1528",
"GHSA-f269-vfmq-vjvj"
],
"secure_code_topics": [
"ssrf-url-validation",
"proxy-trust-boundary"
],
"verification_status": "verified-real",
"verification_mode": "real",
"artifact_mode": "local-fixture",
"blocked_reason": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
}
},
"undici--CVE-2026-1525": {
"canonical_id": "undici--CVE-2026-1525",
"title": "Undici has an HTTP Request/Response Smuggling issue",
"summary": "### Impact\n\nUndici allows duplicate HTTP `Content-Length` headers when they are provided in an array with case-variant names (e.g., `Content-Length` and `content-length`). This produces malformed HTTP/1.1 requests with multiple conflicting `Content-Length` values on the wire.\n\n**Who is impacted:**\n - Applications using `undici.request()`, `undici.Client`, or similar low-level APIs with headers passed as flat arrays\n - Applications that accept user-controlled header names without case-normalization\n\n**Potential consequences:**\n - **Denial of Service**: Strict HTTP parsers (proxies, servers) will reject requests with duplicate `Content-Length` headers (400 Bad Request)\n - **HTTP Request Smuggling**: In deployments where an intermediary and backend interpret duplicate headers inconsistently (e.g., one uses the first value, the other uses the last), this can enable request smuggling attacks leading to ACL bypass, cache poisoning, or credential hijacking\n\n### Patches\n\n Patched in the undici version v7.24.0 and v6.24.0. Users should upgrade to this version or later.\n\n### Workarounds\n\n If upgrading is not immediately possible:\n\n 1. **Validate header names**: Ensure no duplicate `Content-Length` headers (case-insensitive) are present before passing headers to undici\n 2. **Use object format**: Pass headers as a plain object (`{ 'content-length': '123' }`) rather than an array, which naturally deduplicates by key\n 3. **Sanitize user input**: If headers originate from user input, normalize header names to lowercase and reject duplicates",
"display_name": "Undici",
"system_id": "undici",
"category": "frameworks",
"severity": "low",
"cvss_score": 3.1,
"exploit_status": "unknown",
"published_at": "2026-03-13T20:07:03Z",
"updated_at": "2026-03-18T22:58:59.626657Z",
"official_source_url": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm",
"secondary_source_urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2026-1525",
"https://hackerone.com/reports/3556037",
"https://cna.openjsf.org/security-advisories.html",
"https://cwe.mitre.org/data/definitions/444.html",
"https://github.com/nodejs/undici",
"https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6"
],
"aliases": [
"CVE-2026-1525",
"GHSA-2mjp-6q6p-2qxm"
],
"secure_code_topics": [
"ssrf-url-validation",
"proxy-trust-boundary",
"request-smuggling-boundary"
],
"verification_status": "verified-real",
"verification_mode": "real",
"artifact_mode": "local-fixture",
"blocked_reason": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
}
},
"undici--CVE-2026-1527": {
"canonical_id": "undici--CVE-2026-1527",
"title": "Undici has CRLF Injection in undici via `upgrade` option",
"summary": "### Impact\n\nWhen an application passes user-controlled input to the `upgrade` option of `client.request()`, an attacker can inject CRLF sequences (`\\r\\n`) to:\n\n1. Inject arbitrary HTTP headers\n2. Terminate the HTTP request prematurely and smuggle raw data to non-HTTP services (Redis, Memcached, Elasticsearch)\n\nThe vulnerability exists because undici writes the `upgrade` value directly to the socket without validating for invalid header characters:\n\n```javascript\n// lib/dispatcher/client-h1.js:1121\nif (upgrade) {\n header += `connection: upgrade\\r\\nupgrade: ${upgrade}\\r\\n`\n}\n```\n\n### Patches\n\n Patched in the undici version v7.24.0 and v6.24.0. Users should upgrade to this version or later.\n\n### Workarounds\n\nSanitize the `upgrade` option string before passing to undici:\n\n```javascript\nfunction sanitizeUpgrade(value) {\n if (/[\\r\\n]/.test(value)) {\n throw new Error('Invalid upgrade value')\n }\n return value\n}\n\nclient.request({\n upgrade: sanitizeUpgrade(userInput)\n})\n```",
"display_name": "Undici",
"system_id": "undici",
"category": "frameworks",
"severity": "low",
"cvss_score": 3.1,
"exploit_status": "unknown",
"published_at": "2026-03-13T20:41:26Z",
"updated_at": "2026-03-18T22:58:58.996775Z",
"official_source_url": "https://github.com/nodejs/undici/security/advisories/GHSA-4992-7rv2-5pvq",
"secondary_source_urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2026-1527",
"https://hackerone.com/reports/3487198",
"https://cna.openjsf.org/security-advisories.html",
"https://github.com/nodejs/undici"
],
"aliases": [
"CVE-2026-1527",
"GHSA-4992-7rv2-5pvq"
],
"secure_code_topics": [
"ssrf-url-validation",
"proxy-trust-boundary"
],
"verification_status": "verified-real",
"verification_mode": "real",
"artifact_mode": "local-fixture",
"blocked_reason": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
}
},
"undici--CVE-2026-2229": {
"canonical_id": "undici--CVE-2026-2229",
"title": "Undici has Unhandled Exception in WebSocket Client Due to Invalid server_max_window_bits Validation",
"summary": "### Impact\n\nThe undici WebSocket client is vulnerable to a denial-of-service attack due to improper validation of the `server_max_window_bits` parameter in the permessage-deflate extension. When a WebSocket client connects to a server, it automatically advertises support for permessage-deflate compression. A malicious server can respond with an out-of-range `server_max_window_bits` value (outside zlib's valid range of 8-15). When the server subsequently sends a compressed frame, the client attempts to create a zlib InflateRaw instance with the invalid windowBits value, causing a synchronous RangeError exception that is not caught, resulting in immediate process termination.\n\nThe vulnerability exists because:\n\n1. The `isValidClientWindowBits()` function only validates that the value contains ASCII digits, not that it falls within the valid range 8-15\n2. The `createInflateRaw()` call is not wrapped in a try-catch block\n3. The resulting exception propagates up through the call stack and crashes the Node.js process\n\n### Patches\n_Has the problem been patched? What versions should users upgrade to?_\n\n### Workarounds\n_Is there a way for users to fix or remediate the vulnerability without upgrading?_",
"display_name": "Undici",
"system_id": "undici",
"category": "frameworks",
"severity": "low",
"cvss_score": 3.1,
"exploit_status": "unknown",
"published_at": "2026-03-13T20:41:41Z",
"updated_at": "2026-03-18T22:58:58.908047Z",
"official_source_url": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8",
"secondary_source_urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2026-2229",
"https://hackerone.com/reports/3487486",
"https://cna.openjsf.org/security-advisories.html",
"https://datatracker.ietf.org/doc/html/rfc7692",
"https://github.com/nodejs/undici",
"https://nodejs.org/api/zlib.html#class-zlibinflateraw"
],
"aliases": [
"CVE-2026-2229",
"GHSA-v9p9-hfj2-hcw8"
],
"secure_code_topics": [
"ssrf-url-validation",
"proxy-trust-boundary",
"plugin-extension-trust-policy"
],
"verification_status": "verified-real",
"verification_mode": "real",
"artifact_mode": "local-fixture",
"blocked_reason": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
}
},
"nextjs--CVE-2026-29057": {
"canonical_id": "nextjs--CVE-2026-29057",
"title": "Next.js: HTTP request smuggling in rewrites",
"summary": "## Summary\nWhen Next.js rewrites proxy traffic to an external backend, a crafted `DELETE`/`OPTIONS` request using `Transfer-Encoding: chunked` could trigger request boundary disagreement between the proxy and backend. This could allow request smuggling through rewritten routes.\n\n## Impact\nAn attacker could smuggle a second request to unintended backend routes (for example, internal/admin endpoints), bypassing assumptions that only the configured rewrite destination/path is reachable. This does not impact applications hosted on providers that handle rewrites at the CDN level, such as Vercel. \n\n## Patches\nThe vulnerability originated in an upstream library vendored by Next.js. It is fixed by updating that dependency\u2019s behavior so `content-length: 0` is added only when both `content-length` and `transfer-encoding` are absent, and `transfer-encoding` is no longer removed in that code path.\n\n## Workarounds\nIf upgrade is not immediately possible:\n- Block chunked `DELETE`/`OPTIONS` requests on rewritten routes at your edge/proxy.\n- Enforce authentication/authorization on backend routes per our [security guidance](https://nextjs.org/docs/app/guides/data-security).",
"display_name": "Next.js",
"system_id": "nextjs",
"category": "frameworks",
"severity": "medium",
"cvss_score": 4.0,
"exploit_status": "unknown",
"published_at": "2026-03-17T16:17:15Z",
"updated_at": "2026-03-18T22:02:16.858114Z",
"official_source_url": "https://github.com/vercel/next.js/security/advisories/GHSA-ggv3-7p47-pfv8",
"secondary_source_urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2026-29057",
"https://github.com/vercel/next.js/commit/dc98c04f376c6a1df76ec3e0a2d07edf4abdabd6",
"https://github.com/vercel/next.js",
"https://github.com/vercel/next.js/releases/tag/v15.5.13",
"https://github.com/vercel/next.js/releases/tag/v16.1.7"
],
"aliases": [
"CVE-2026-29057",
"GHSA-ggv3-7p47-pfv8"
],
"secure_code_topics": [
"authz-server-side-recheck",
"proxy-trust-boundary",
"token-cookie-storage",
"request-smuggling-boundary",
"dependency-upgrade-policy"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"artifact_mode": "official-source",
"blocked_reason": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
}
},
"traefik--CVE-2026-29777": {
"canonical_id": "traefik--CVE-2026-29777",
"title": "Traefik: kubernetes gateway rule injection via unescaped backticks in HTTPRoute match values",
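Review bot: Three data-quality points on the records inserted by this hunk (header `-2698,6 +2698,278`, so the whole body is new lines). First, the `summary` of `undici--CVE-2026-2229` still carries the unfilled GitHub advisory template text (`_Has the problem been patched? What versions should users upgrade to?_` and the matching Workarounds placeholder); a record marked `"verification_status": "verified-real"` should not ship placeholder prose, so either fetch the current advisory text or strip those two sections. Second, every Undici record here has `"severity": "low"` with `"cvss_score": 3.1`, yet the summaries describe unauthenticated remote process termination (CVE-2026-1528, CVE-2026-2229) and memory exhaustion (CVE-2026-1526, CVE-2026-2581); if `severity` is derived from `cvss_score` the mapping should be documented next to the field, and if it is hand-set the downgrade from the copies removed later in this diff needs a reason. Third, `secure_code_topics` tags the WebSocket client issues (CVE-2026-1526, CVE-2026-1528, CVE-2026-2229) with `ssrf-url-validation`, which does not match their root cause (missing decompressed-size limit, 64-bit length arithmetic, unchecked `server_max_window_bits` range); a topic such as the existing `plugin-extension-trust-policy` or a resource-limit topic fits better.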
@@ -4522,46 +4794,6 @@
"refs": []
}
},
"nextjs--CVE-2026-29057": {
"canonical_id": "nextjs--CVE-2026-29057",
"title": "Next.js: HTTP request smuggling in rewrites",
"summary": "## Summary\nWhen Next.js rewrites proxy traffic to an external backend, a crafted `DELETE`/`OPTIONS` request using `Transfer-Encoding: chunked` could trigger request boundary disagreement between the proxy and backend. This could allow request smuggling through rewritten routes.\n\n## Impact\nAn attacker could smuggle a second request to unintended backend routes (for example, internal/admin endpoints), bypassing assumptions that only the configured rewrite destination/path is reachable. This does not impact applications hosted on providers that handle rewrites at the CDN level, such as Vercel. \n\n## Patches\nThe vulnerability originated in an upstream library vendored by Next.js. It is fixed by updating that dependency\u2019s behavior so `content-length: 0` is added only when both `content-length` and `transfer-encoding` are absent, and `transfer-encoding` is no longer removed in that code path.\n\n## Workarounds\nIf upgrade is not immediately possible:\n- Block chunked `DELETE`/`OPTIONS` requests on rewritten routes at your edge/proxy.\n- Enforce authentication/authorization on backend routes per our [security guidance](https://nextjs.org/docs/app/guides/data-security).",
"display_name": "Next.js",
"system_id": "nextjs",
"category": "frameworks",
"severity": "medium",
"cvss_score": 4.0,
"exploit_status": "unknown",
"published_at": "2026-03-17T16:17:15Z",
"updated_at": "2026-03-17T16:31:26.646070Z",
"official_source_url": "https://github.com/vercel/next.js/security/advisories/GHSA-ggv3-7p47-pfv8",
"secondary_source_urls": [
"https://github.com/vercel/next.js/commit/dc98c04f376c6a1df76ec3e0a2d07edf4abdabd6",
"https://github.com/vercel/next.js",
"https://github.com/vercel/next.js/releases/tag/v15.5.13",
"https://github.com/vercel/next.js/releases/tag/v16.1.7"
],
"aliases": [
"CVE-2026-29057",
"GHSA-ggv3-7p47-pfv8"
],
"secure_code_topics": [
"authz-server-side-recheck",
"proxy-trust-boundary",
"token-cookie-storage",
"request-smuggling-boundary",
"dependency-upgrade-policy"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"artifact_mode": "official-source",
"blocked_reason": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
}
},
"nextjs--CVE-2026-27978": {
"canonical_id": "nextjs--CVE-2026-27978",
"title": "Next.js: null origin can bypass Server Actions CSRF checks",
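Review bot: This removal of `nextjs--CVE-2026-29057` (header `-4522,46 +4794,6`) pairs with the insertion of the same record in the earlier hunk; the only field-level differences are `updated_at` (`2026-03-17T16:31:26.646070Z` to `2026-03-18T22:02:16.858114Z`) and the NVD URL `https://nvd.nist.gov/vuln/detail/CVE-2026-29057` added at the head of `secondary_source_urls`. Because the file appears to be ordered by `updated_at`, a two-field update shows up as a 40-line delete plus a 40-line insert, which hides the actual change from reviewers and will churn on every refresh. Keying the object by `canonical_id` in a stable sort order (and sorting `secondary_source_urls` deterministically) would make future diffs show only the changed fields.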
@@ -4935,83 +5167,6 @@
"refs": []
}
},
"undici--CVE-2026-1525": {
"canonical_id": "undici--CVE-2026-1525",
"title": "Undici has an HTTP Request/Response Smuggling issue",
"summary": "### Impact\n\nUndici allows duplicate HTTP `Content-Length` headers when they are provided in an array with case-variant names (e.g., `Content-Length` and `content-length`). This produces malformed HTTP/1.1 requests with multiple conflicting `Content-Length` values on the wire.\n\n**Who is impacted:**\n - Applications using `undici.request()`, `undici.Client`, or similar low-level APIs with headers passed as flat arrays\n - Applications that accept user-controlled header names without case-normalization\n\n**Potential consequences:**\n - **Denial of Service**: Strict HTTP parsers (proxies, servers) will reject requests with duplicate `Content-Length` headers (400 Bad Request)\n - **HTTP Request Smuggling**: In deployments where an intermediary and backend interpret duplicate headers inconsistently (e.g., one uses the first value, the other uses the last), this can enable request smuggling attacks leading to ACL bypass, cache poisoning, or credential hijacking\n\n### Patches\n\n Patched in the undici version v7.24.0 and v6.24.0. Users should upgrade to this version or later.\n\n### Workarounds\n\n If upgrading is not immediately possible:\n\n 1. **Validate header names**: Ensure no duplicate `Content-Length` headers (case-insensitive) are present before passing headers to undici\n 2. **Use object format**: Pass headers as a plain object (`{ 'content-length': '123' }`) rather than an array, which naturally deduplicates by key\n 3. **Sanitize user input**: If headers originate from user input, normalize header names to lowercase and reject duplicates",
"display_name": "Undici",
"system_id": "undici",
"category": "frameworks",
"severity": "medium",
"cvss_score": 3.1,
"exploit_status": "unknown",
"published_at": "2026-03-13T20:07:03Z",
"updated_at": "2026-03-14T09:19:54.772219Z",
"official_source_url": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm",
"secondary_source_urls": [
"https://cna.openjsf.org/security-advisories.html",
"https://nvd.nist.gov/vuln/detail/CVE-2026-1525",
"https://hackerone.com/reports/3556037",
"https://cwe.mitre.org/data/definitions/444.html",
"https://github.com/nodejs/undici",
"https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6"
],
"aliases": [
"CVE-2026-1525",
"GHSA-2mjp-6q6p-2qxm"
],
"secure_code_topics": [
"ssrf-url-validation",
"proxy-trust-boundary",
"request-smuggling-boundary"
],
"verification_status": "verified-real",
"verification_mode": "real",
"artifact_mode": "local-fixture",
"blocked_reason": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
}
},
"undici--CVE-2026-1528": {
"canonical_id": "undici--CVE-2026-1528",
"title": "Undici: Malicious WebSocket 64-bit length overflows parser and crashes the client",
"summary": "### Impact\nA server can reply with a WebSocket frame using the 64-bit length form and an extremely large length. undici's ByteParser overflows internal math, ends up in an invalid state, and throws a fatal TypeError that terminates the process. \n\n### Patches\n\n\n Patched in the undici version v7.24.0 and v6.24.0. Users should upgrade to this version or later.\n\n### Workarounds\n\nThere are no workarounds.",
"display_name": "Undici",
"system_id": "undici",
"category": "frameworks",
"severity": "high",
"cvss_score": 3.1,
"exploit_status": "unknown",
"published_at": "2026-03-13T20:07:26Z",
"updated_at": "2026-03-14T09:17:45.838435Z",
"official_source_url": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj",
"secondary_source_urls": [
"https://cna.openjsf.org/security-advisories.html",
"https://nvd.nist.gov/vuln/detail/CVE-2026-1528",
"https://hackerone.com/reports/3537648",
"https://github.com/nodejs/undici"
],
"aliases": [
"CVE-2026-1528",
"GHSA-f269-vfmq-vjvj"
],
"secure_code_topics": [
"ssrf-url-validation",
"proxy-trust-boundary"
],
"verification_status": "verified-real",
"verification_mode": "real",
"artifact_mode": "local-fixture",
"blocked_reason": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
}
},
"traefik--GHSA-4hjq-9h5c-252j": {
"canonical_id": "traefik--GHSA-4hjq-9h5c-252j",
"title": "Traefik: HTTP/2 frames can cause a running server to panic",
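Review bot: The removed copies in this hunk (header `-4935,83 +5167,6`) carry `"severity": "medium"` for `undici--CVE-2026-1525` and `"severity": "high"` for `undici--CVE-2026-1528`, while the re-inserted copies earlier in the diff have `"severity": "low"`; `cvss_score` is `3.1` in both old and new. A severity change with no score change and no summary change looks like a regression in whatever assigns `severity`, so please state in the commit message (or a comment in the generator) why these were downgraded. Separately, `secondary_source_urls` is reordered in the new copies (the `https://cna.openjsf.org/security-advisories.html` entry moves from first to third); if any consumer treats the first entry as the primary reference, that reorder is a behavioural change worth calling out.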
@@ -5954,160 +6109,6 @@
"refs": []
}
},
"undici--CVE-2026-2229": {
"canonical_id": "undici--CVE-2026-2229",
"title": "Undici has Unhandled Exception in WebSocket Client Due to Invalid server_max_window_bits Validation",
"summary": "### Impact\n\nThe undici WebSocket client is vulnerable to a denial-of-service attack due to improper validation of the `server_max_window_bits` parameter in the permessage-deflate extension. When a WebSocket client connects to a server, it automatically advertises support for permessage-deflate compression. A malicious server can respond with an out-of-range `server_max_window_bits` value (outside zlib's valid range of 8-15). When the server subsequently sends a compressed frame, the client attempts to create a zlib InflateRaw instance with the invalid windowBits value, causing a synchronous RangeError exception that is not caught, resulting in immediate process termination.\n\nThe vulnerability exists because:\n\n1. The `isValidClientWindowBits()` function only validates that the value contains ASCII digits, not that it falls within the valid range 8-15\n2. The `createInflateRaw()` call is not wrapped in a try-catch block\n3. The resulting exception propagates up through the call stack and crashes the Node.js process\n\n### Patches\n_Has the problem been patched? What versions should users upgrade to?_\n\n### Workarounds\n_Is there a way for users to fix or remediate the vulnerability without upgrading?_",
"display_name": "Undici",
"system_id": "undici",
"category": "frameworks",
"severity": "high",
"cvss_score": 3.1,
"exploit_status": "unknown",
"published_at": "2026-03-13T20:41:41Z",
"updated_at": "2026-03-13T20:54:26.149214Z",
"official_source_url": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8",
"secondary_source_urls": [
"https://cna.openjsf.org/security-advisories.html",
"https://nvd.nist.gov/vuln/detail/CVE-2026-2229",
"https://hackerone.com/reports/3487486",
"https://datatracker.ietf.org/doc/html/rfc7692",
"https://github.com/nodejs/undici",
"https://nodejs.org/api/zlib.html#class-zlibinflateraw"
],
"aliases": [
"CVE-2026-2229",
"GHSA-v9p9-hfj2-hcw8"
],
"secure_code_topics": [
"ssrf-url-validation",
"proxy-trust-boundary",
"plugin-extension-trust-policy"
],
"verification_status": "verified-real",
"verification_mode": "real",
"artifact_mode": "local-fixture",
"blocked_reason": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
}
},
"undici--CVE-2026-1527": {
"canonical_id": "undici--CVE-2026-1527",
"title": "Undici has CRLF Injection in undici via `upgrade` option",
"summary": "### Impact\n\nWhen an application passes user-controlled input to the `upgrade` option of `client.request()`, an attacker can inject CRLF sequences (`\\r\\n`) to:\n\n1. Inject arbitrary HTTP headers\n2. Terminate the HTTP request prematurely and smuggle raw data to non-HTTP services (Redis, Memcached, Elasticsearch)\n\nThe vulnerability exists because undici writes the `upgrade` value directly to the socket without validating for invalid header characters:\n\n```javascript\n// lib/dispatcher/client-h1.js:1121\nif (upgrade) {\n header += `connection: upgrade\\r\\nupgrade: ${upgrade}\\r\\n`\n}\n```\n\n### Patches\n\n Patched in the undici version v7.24.0 and v6.24.0. Users should upgrade to this version or later.\n\n### Workarounds\n\nSanitize the `upgrade` option string before passing to undici:\n\n```javascript\nfunction sanitizeUpgrade(value) {\n if (/[\\r\\n]/.test(value)) {\n throw new Error('Invalid upgrade value')\n }\n return value\n}\n\nclient.request({\n upgrade: sanitizeUpgrade(userInput)\n})\n```",
"display_name": "Undici",
"system_id": "undici",
"category": "frameworks",
"severity": "medium",
"cvss_score": 3.1,
"exploit_status": "unknown",
"published_at": "2026-03-13T20:41:26Z",
"updated_at": "2026-03-13T20:54:25.572106Z",
"official_source_url": "https://github.com/nodejs/undici/security/advisories/GHSA-4992-7rv2-5pvq",
"secondary_source_urls": [
"https://cna.openjsf.org/security-advisories.html",
"https://nvd.nist.gov/vuln/detail/CVE-2026-1527",
"https://hackerone.com/reports/3487198",
"https://github.com/nodejs/undici"
],
"aliases": [
"CVE-2026-1527",
"GHSA-4992-7rv2-5pvq"
],
"secure_code_topics": [
"ssrf-url-validation",
"proxy-trust-boundary"
],
"verification_status": "verified-real",
"verification_mode": "real",
"artifact_mode": "local-fixture",
"blocked_reason": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
}
},
"undici--CVE-2026-1526": {
"canonical_id": "undici--CVE-2026-1526",
"title": "Undici has Unbounded Memory Consumption in WebSocket permessage-deflate Decompression",
"summary": "## Description\n\nThe undici WebSocket client is vulnerable to a denial-of-service attack via unbounded memory consumption during permessage-deflate decompression. When a WebSocket connection negotiates the permessage-deflate extension, the client decompresses incoming compressed frames without enforcing any limit on the decompressed data size. A malicious WebSocket server can send a small compressed frame (a \"decompression bomb\") that expands to an extremely large size in memory, causing the Node.js process to exhaust available memory and crash or become unresponsive.\n\nThe vulnerability exists in the `PerMessageDeflate.decompress()` method, which accumulates all decompressed chunks in memory and concatenates them into a single Buffer without checking whether the total size exceeds a safe threshold.\n\n## Impact\n\n- Remote denial of service against any Node.js application using undici's WebSocket client\n- A single compressed WebSocket frame of ~6 MB can decompress to ~1 GB or more\n- Memory exhaustion occurs in native/external memory, bypassing V8 heap limits\n- No application-level mitigation is possible as decompression occurs before message delivery\n\n### Patches\n\nUsers should upgrade to fixed versions.\n\n### Workarounds\n\nNo workaround are possible.",
"display_name": "Undici",
"system_id": "undici",
"category": "frameworks",
"severity": "high",
"cvss_score": 3.1,
"exploit_status": "unknown",
"published_at": "2026-03-13T20:41:56Z",
"updated_at": "2026-03-13T20:54:25.563997Z",
"official_source_url": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q",
"secondary_source_urls": [
"https://cna.openjsf.org/security-advisories.html",
"https://nvd.nist.gov/vuln/detail/CVE-2026-1526",
"https://hackerone.com/reports/3481206",
"https://datatracker.ietf.org/doc/html/rfc7692",
"https://github.com/nodejs/undici",
"https://owasp.org/www-community/attacks/Denial_of_Service"
],
"aliases": [
"CVE-2026-1526",
"GHSA-vrm6-8vpv-qv8q"
],
"secure_code_topics": [
"ssrf-url-validation",
"proxy-trust-boundary",
"plugin-extension-trust-policy"
],
"verification_status": "verified-real",
"verification_mode": "real",
"artifact_mode": "local-fixture",
"blocked_reason": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
}
},
"undici--CVE-2026-2581": {
"canonical_id": "undici--CVE-2026-2581",
"title": "Undici has Unbounded Memory Consumption in its DeduplicationHandler via Response Buffering that leads to DoS",
"summary": "## Impact\nThis is an uncontrolled resource consumption vulnerability (CWE-400) that can lead to Denial of Service (DoS).\n\nIn vulnerable Undici versions, when `interceptors.deduplicate()` is enabled, response data for deduplicated requests could be accumulated in memory for downstream handlers. An attacker-controlled or untrusted upstream endpoint can exploit this with large/chunked responses and concurrent identical requests, causing high memory usage and potential OOM process termination.\n\nImpacted users are applications that use Undici\u2019s deduplication interceptor against endpoints that may produce large or long-lived response bodies.\n\n## Patches\n\nThe issue has been patched by changing deduplication behavior to stream response chunks to downstream handlers as they arrive (instead of full-body accumulation), and by preventing late deduplication when body streaming has already started.\n\nUsers should upgrade to the first official Undici (and Node.js, where applicable) releases that include this patch.\n\n## Workarounds\nIf upgrading immediately is not possible:\n\n- Disable `interceptors.deduplicate()` for affected clients/routes.\n- Use `skipHeaderNames` with a marker header to force high-risk requests to bypass deduplication.\n- Avoid concurrent identical requests to untrusted endpoints that may return very large/chunked bodies.\n- Apply upstream/proxy response-size and timeout limits.",
"display_name": "Undici",
"system_id": "undici",
"category": "frameworks",
"severity": "medium",
"cvss_score": 3.1,
"exploit_status": "unknown",
"published_at": "2026-03-13T20:37:58Z",
"updated_at": "2026-03-13T20:54:25.417862Z",
"official_source_url": "https://github.com/nodejs/undici/security/advisories/GHSA-phc3-fgpg-7m6h",
"secondary_source_urls": [
"https://cna.openjsf.org/security-advisories.html",
"https://nvd.nist.gov/vuln/detail/CVE-2026-2581",
"https://hackerone.com/reports/3513473",
"https://github.com/nodejs/undici"
],
"aliases": [
"CVE-2026-2581",
"GHSA-phc3-fgpg-7m6h"
],
"secure_code_topics": [
"ssrf-url-validation",
"proxy-trust-boundary"
],
"verification_status": "verified-real",
"verification_mode": "real",
"artifact_mode": "local-fixture",
"blocked_reason": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
}
},
"traefik--GHSA-gv8r-9rw9-9697": {
"canonical_id": "traefik--GHSA-gv8r-9rw9-9697",
"title": "Traefik affected by TLS ClientAuth Bypass on HTTP/3",

View file

@@ -1,5 +1,5 @@
{
"generated_at": "2026-03-18T21:23:23+00:00",
"generated_at": "2026-03-19T02:23:04+00:00",
"title": "\u5f53\u524d\u67b6\u6784\u5e93",
"summary": "\u5de5\u4f5c\u53f0\u3001\u63a7\u5236\u9762\u3001\u6570\u636e\u5c42\u3001\u6388\u6743\u8fb9\u754c\u4e0e\u7cfb\u7edf\u8986\u76d6\u7684\u5f53\u524d\u771f\u503c\u89c6\u56fe\u3002",
"sections": [
@@ -49,7 +49,7 @@
},
{
"label": "\u751f\u6210\u65f6\u95f4",
"value": "2026-03-18T21:23:23+00:00"
"value": "2026-03-19T02:23:04+00:00"
}
],
"links": [
@@ -600,7 +600,7 @@
"badges": [
"\u5386\u53f2\u5168\u91cf",
"\u5b98\u65b9\u6e90 2",
"\u751f\u6001\u6e90 2",
"\u751f\u6001\u6e90 1",
"\u7814\u7a76\u6e90 0"
],
"fields": [
@@ -637,7 +637,7 @@
},
{
"label": "\u751f\u6001\u6765\u6e90",
"value": "Drupal Security Advisories Site\nGHSA Drupal Core"
"value": "OSV Drupal"
},
{
"label": "\u7814\u7a76\u6765\u6e90",
@@ -685,7 +685,7 @@
"badges": [
"\u5386\u53f2\u5168\u91cf",
"\u5b98\u65b9\u6e90 2",
"\u751f\u6001\u6e90 0",
"\u751f\u6001\u6e90 1",
"\u7814\u7a76\u6e90 0"
],
"fields": [
@@ -722,7 +722,7 @@
},
{
"label": "\u751f\u6001\u6765\u6e90",
"value": "-"
"value": "OSV Ghost"
},
{
"label": "\u7814\u7a76\u6765\u6e90",
@@ -770,7 +770,7 @@
"badges": [
"\u5386\u53f2\u5168\u91cf",
"\u5b98\u65b9\u6e90 2",
"\u751f\u6001\u6e90 0",
"\u751f\u6001\u6e90 1",
"\u7814\u7a76\u6e90 0"
],
"fields": [
@@ -807,7 +807,7 @@
},
{
"label": "\u751f\u6001\u6765\u6e90",
"value": "-"
"value": "OSV Joomla"
},
{
"label": "\u7814\u7a76\u6765\u6e90",
@@ -855,7 +855,7 @@
"badges": [
"\u8fd1\u4e24\u5e74\u5168\u91cf",
"\u5b98\u65b9\u6e90 3",
"\u751f\u6001\u6e90 0",
"\u751f\u6001\u6e90 1",
"\u7814\u7a76\u6e90 0"
],
"fields": [
@@ -892,7 +892,7 @@
},
{
"label": "\u751f\u6001\u6765\u6e90",
"value": "-"
"value": "OSV MediaWiki"
},
{
"label": "\u7814\u7a76\u6765\u6e90",
@@ -940,7 +940,7 @@
"badges": [
"\u8fd1\u4e24\u5e74\u5168\u91cf",
"\u5b98\u65b9\u6e90 2",
"\u751f\u6001\u6e90 0",
"\u751f\u6001\u6e90 1",
"\u7814\u7a76\u6e90 0"
],
"fields": [
@@ -977,7 +977,7 @@
},
{
"label": "\u751f\u6001\u6765\u6e90",
"value": "-"
"value": "OSV Moodle"
},
{
"label": "\u7814\u7a76\u6765\u6e90",
@@ -1143,7 +1143,7 @@
"fields": [
{
"label": "\u5b98\u65b9\u6765\u6e90",
"value": "WordPress Security News\nNVD WordPress"
"value": "WordPress Security News RSS\nNVD WordPress"
},
{
"label": "\u751f\u6001\u6765\u6e90",
@@ -4212,7 +4212,7 @@
"badges": [
"\u8fd1\u4e24\u5e74\u5168\u91cf",
"\u5b98\u65b9\u6e90 3",
"\u751f\u6001\u6e90 0",
"\u751f\u6001\u6e90 1",
"\u7814\u7a76\u6e90 0"
],
"fields": [
@@ -4249,7 +4249,7 @@
},
{
"label": "\u751f\u6001\u6765\u6e90",
"value": "-"
"value": "OSV Mattermost"
},
{
"label": "\u7814\u7a76\u6765\u6e90",
@@ -4297,7 +4297,7 @@
"badges": [
"\u8fd1\u4e24\u5e74\u5168\u91cf",
"\u5b98\u65b9\u6e90 2",
"\u751f\u6001\u6e90 0",
"\u751f\u6001\u6e90 1",
"\u7814\u7a76\u6e90 0"
],
"fields": [
@@ -4334,7 +4334,7 @@
},
{
"label": "\u751f\u6001\u6765\u6e90",
"value": "-"
"value": "OSV Redmine"
},
{
"label": "\u7814\u7a76\u6765\u6e90",
@@ -4382,7 +4382,7 @@
"badges": [
"\u8fd1\u4e24\u5e74\u5168\u91cf",
"\u5b98\u65b9\u6e90 2",
"\u751f\u6001\u6e90 0",
"\u751f\u6001\u6e90 1",
"\u7814\u7a76\u6e90 0"
],
"fields": [
@@ -4419,7 +4419,7 @@
},
{
"label": "\u751f\u6001\u6765\u6e90",
"value": "-"
"value": "OSV phpMyAdmin"
},
{
"label": "\u7814\u7a76\u6765\u6e90",
@@ -5274,7 +5274,7 @@
"badges": [
"\u5386\u53f2\u5168\u91cf",
"\u5b98\u65b9\u6e90 2",
"\u751f\u6001\u6e90 0",
"\u751f\u6001\u6e90 1",
"\u7814\u7a76\u6e90 0"
],
"fields": [
@@ -5311,7 +5311,7 @@
},
{
"label": "\u751f\u6001\u6765\u6e90",
"value": "-"
"value": "OSV OpenCart"
},
{
"label": "\u7814\u7a76\u6765\u6e90",
@@ -5359,7 +5359,7 @@
"badges": [
"\u8fd1\u4e24\u5e74\u5168\u91cf",
"\u5b98\u65b9\u6e90 2",
"\u751f\u6001\u6e90 0",
"\u751f\u6001\u6e90 1",
"\u7814\u7a76\u6e90 0"
],
"fields": [
@@ -5396,7 +5396,7 @@
},
{
"label": "\u751f\u6001\u6765\u6e90",
"value": "-"
"value": "OSV OpenMage"
},
{
"label": "\u7814\u7a76\u6765\u6e90",
@@ -5444,7 +5444,7 @@
"badges": [
"\u5386\u53f2\u5168\u91cf",
"\u5b98\u65b9\u6e90 3",
"\u751f\u6001\u6e90 1",
"\u751f\u6001\u6e90 2",
"\u7814\u7a76\u6e90 0"
],
"fields": [
@@ -5481,7 +5481,7 @@
},
{
"label": "\u751f\u6001\u6765\u6e90",
"value": "Friends Of Presta Security"
"value": "OSV PrestaShop\nFriends Of Presta Security"
},
{
"label": "\u7814\u7a76\u6765\u6e90",
@@ -5529,7 +5529,7 @@
"badges": [
"\u8fd1\u4e24\u5e74\u5168\u91cf",
"\u5b98\u65b9\u6e90 2",
"\u751f\u6001\u6e90 0",
"\u751f\u6001\u6e90 1",
"\u7814\u7a76\u6e90 0"
],
"fields": [
@@ -5566,7 +5566,7 @@
},
{
"label": "\u751f\u6001\u6765\u6e90",
"value": "-"
"value": "OSV Saleor"
},
{
"label": "\u7814\u7a76\u6765\u6e90",
@@ -5614,7 +5614,7 @@
"badges": [
"\u5386\u53f2\u5168\u91cf",
"\u5b98\u65b9\u6e90 2",
"\u751f\u6001\u6e90 0",
"\u751f\u6001\u6e90 1",
"\u7814\u7a76\u6e90 0"
],
"fields": [
@@ -5651,7 +5651,7 @@
},
{
"label": "\u751f\u6001\u6765\u6e90",
"value": "-"
"value": "OSV Shopware"
},
{
"label": "\u7814\u7a76\u6765\u6e90",
@@ -5699,7 +5699,7 @@
"badges": [
"\u5386\u53f2\u5168\u91cf",
"\u5b98\u65b9\u6e90 3",
"\u751f\u6001\u6e90 2",
"\u751f\u6001\u6e90 3",
"\u7814\u7a76\u6e90 0"
],
"fields": [
@@ -5736,7 +5736,7 @@
},
{
"label": "\u751f\u6001\u6765\u6e90",
"value": "Patchstack Database\nWordfence Vulnerability Database"
"value": "OSV WooCommerce\nPatchstack Database\nWordfence Vulnerability Database"
},
{
"label": "\u7814\u7a76\u6765\u6e90",

View file

@@ -1,5 +1,5 @@
{
"generated_at": "2026-03-18T21:23:23+00:00",
"generated_at": "2026-03-19T02:23:04+00:00",
"advisory_total": 89,
"registry_advisory_total": 2392,
"scope": "latest-run-backed-advisories",
@@ -168,35 +168,43 @@
}
],
"ingest_health": {
"failure_count": 0,
"failures": []
"failure_count": 4,
"failures": [
"django::OSV Django::tls::HTTPSConnectionPool(host='api.osv.dev', port=443): Max retries exceeded with url: /v1/querybatch (Caused by SSLError(SSLEOFError(8, 'EOF occurred in violation of protocol (_ssl.c:1129)')))",
"flask::OSV Flask::tls::HTTPSConnectionPool(host='api.osv.dev', port=443): Max retries exceeded with url: /v1/querybatch (Caused by SSLError(SSLEOFError(8, 'EOF occurred in violation of protocol (_ssl.c:1129)')))",
"spring-security::OSV Spring Security::tls::HTTPSConnectionPool(host='api.osv.dev', port=443): Max retries exceeded with url: /v1/querybatch (Caused by SSLError(SSLEOFError(8, 'EOF occurred in violation of protocol (_ssl.c:1129)')))",
"symfony::OSV Symfony::tls::HTTPSConnectionPool(host='api.osv.dev', port=443): Max retries exceeded with url: /v1/querybatch (Caused by SSLError(SSLEOFError(8, 'EOF occurred in violation of protocol (_ssl.c:1129)')))"
]
},
"source_health": {
"active_source_count": 125,
"green_source_count": 125,
"active_source_count": 118,
"green_source_count": 118,
"failure_count": 0,
"last_fully_green_run": "2026-03-18T21:09:25+00:00",
"last_fully_green_run": "2026-03-19T02:22:24+00:00",
"open_alert_count": 0,
"resolved_alert_count": 0
},
"monitor_summary": {
"generated_at": "2026-03-18T21:09:25+00:00",
"active_source_count": 125,
"green_source_count": 125,
"generated_at": "2026-03-19T02:22:24+00:00",
"active_source_count": 118,
"green_source_count": 118,
"source_failure_count": 0,
"open_alert_count": 0,
"resolved_alert_count": 0,
"last_fully_green_run": "2026-03-18T21:09:25+00:00",
"last_fully_green_run": "2026-03-19T02:22:24+00:00",
"source_catalog": {
"system_count": 62,
"source_count": 161,
"retired_source_count": 36
"source_count": 173,
"retired_source_count": 55
},
"ingest": {
"new_count": 0,
"updated_count": 0,
"failure_count": 0,
"systems_touched": []
"updated_count": 7,
"failure_count": 4,
"systems_touched": [
"nextjs",
"undici"
]
},
"validation": {
"passed": true,

View file

@@ -1,21 +1,24 @@
{
"generated_at": "2026-03-18T21:09:25+00:00",
"active_source_count": 125,
"green_source_count": 125,
"generated_at": "2026-03-19T02:22:24+00:00",
"active_source_count": 118,
"green_source_count": 118,
"source_failure_count": 0,
"open_alert_count": 0,
"resolved_alert_count": 0,
"last_fully_green_run": "2026-03-18T21:09:25+00:00",
"last_fully_green_run": "2026-03-19T02:22:24+00:00",
"source_catalog": {
"system_count": 62,
"source_count": 161,
"retired_source_count": 36
"source_count": 173,
"retired_source_count": 55
},
"ingest": {
"new_count": 0,
"updated_count": 0,
"failure_count": 0,
"systems_touched": []
"updated_count": 7,
"failure_count": 4,
"systems_touched": [
"nextjs",
"undici"
]
},
"validation": {
"passed": true,

View file

@@ -1,10 +1,10 @@
{
"generated_at": "2026-03-18T21:16:34+00:00",
"generated_at": "2026-03-19T02:22:09+00:00",
"system_count": 62,
"source_count": 161,
"active_source_count": 125,
"retired_source_count": 36,
"systems_with_active_official": 62,
"source_count": 173,
"active_source_count": 118,
"retired_source_count": 55,
"systems_with_active_official": 61,
"systems_with_machine_readable_source": 62,
"systems": [
{
@@ -177,11 +177,11 @@
"display_name": "Drupal",
"category": "cms",
"tier": "history-full",
"source_total": 4,
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 2,
"official_active": 2,
"ecosystem_active": 0,
"retired_source_total": 1,
"official_active": 1,
"ecosystem_active": 1,
"research_active": 0,
"machine_readable_active": 2,
"has_active_official": true,
@@ -208,12 +208,12 @@
"category": "frameworks",
"tier": "rolling-24m",
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 1,
"active_source_total": 1,
"retired_source_total": 2,
"official_active": 1,
"ecosystem_active": 1,
"ecosystem_active": 0,
"research_active": 0,
"machine_readable_active": 2,
"machine_readable_active": 1,
"has_active_official": true,
"has_machine_readable_source": true
},
@@ -223,12 +223,12 @@
"category": "frameworks",
"tier": "rolling-24m",
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 1,
"active_source_total": 1,
"retired_source_total": 2,
"official_active": 1,
"ecosystem_active": 1,
"ecosystem_active": 0,
"research_active": 0,
"machine_readable_active": 2,
"machine_readable_active": 1,
"has_active_official": true,
"has_machine_readable_source": true
},
@@ -267,11 +267,11 @@
"display_name": "Ghost",
"category": "cms",
"tier": "history-full",
"source_total": 2,
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 0,
"official_active": 2,
"ecosystem_active": 0,
"retired_source_total": 1,
"official_active": 1,
"ecosystem_active": 1,
"research_active": 0,
"machine_readable_active": 1,
"has_active_official": true,
@@ -387,11 +387,11 @@
"display_name": "Joomla",
"category": "cms",
"tier": "history-full",
"source_total": 2,
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 0,
"official_active": 2,
"ecosystem_active": 0,
"retired_source_total": 1,
"official_active": 1,
"ecosystem_active": 1,
"research_active": 0,
"machine_readable_active": 1,
"has_active_official": true,
@@ -462,11 +462,11 @@
"display_name": "Mattermost",
"category": "platforms",
"tier": "rolling-24m",
"source_total": 3,
"source_total": 4,
"active_source_total": 2,
"retired_source_total": 1,
"official_active": 2,
"ecosystem_active": 0,
"retired_source_total": 2,
"official_active": 1,
"ecosystem_active": 1,
"research_active": 0,
"machine_readable_active": 2,
"has_active_official": true,
@@ -477,11 +477,11 @@
"display_name": "MediaWiki",
"category": "cms",
"tier": "rolling-24m",
"source_total": 3,
"source_total": 4,
"active_source_total": 2,
"retired_source_total": 1,
"official_active": 2,
"ecosystem_active": 0,
"retired_source_total": 2,
"official_active": 1,
"ecosystem_active": 1,
"research_active": 0,
"machine_readable_active": 2,
"has_active_official": true,
@@ -507,14 +507,14 @@
"display_name": "Moodle",
"category": "cms",
"tier": "rolling-24m",
"source_total": 2,
"source_total": 3,
"active_source_total": 1,
"retired_source_total": 1,
"official_active": 1,
"ecosystem_active": 0,
"retired_source_total": 2,
"official_active": 0,
"ecosystem_active": 1,
"research_active": 0,
"machine_readable_active": 1,
"has_active_official": true,
"has_active_official": false,
"has_machine_readable_source": true
},
{
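Review bot: Moodle now reports `"official_active": 0` and `"has_active_official": false`, which is the change behind `systems_with_active_official` dropping from 62 to 61 at the top of this file; its only remaining active source is the ecosystem-bucket `OSV Moodle`, so a `rolling-24m` system is being monitored with no official source and nothing in `source_health` flags it. Either keep an official Moodle source active or have the health summary surface `has_active_official: false` as an open alert.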
@@ -523,12 +523,12 @@
"category": "frameworks",
"tier": "rolling-24m",
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 1,
"active_source_total": 1,
"retired_source_total": 2,
"official_active": 1,
"ecosystem_active": 1,
"ecosystem_active": 0,
"research_active": 0,
"machine_readable_active": 2,
"machine_readable_active": 1,
"has_active_official": true,
"has_machine_readable_source": true
},
@@ -597,11 +597,11 @@
"display_name": "OpenCart",
"category": "ecommerce",
"tier": "history-full",
"source_total": 2,
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 0,
"official_active": 2,
"ecosystem_active": 0,
"retired_source_total": 1,
"official_active": 1,
"ecosystem_active": 1,
"research_active": 0,
"machine_readable_active": 1,
"has_active_official": true,
@@ -612,11 +612,11 @@
"display_name": "OpenMage / Mage-OS",
"category": "ecommerce",
"tier": "rolling-24m",
"source_total": 2,
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 0,
"official_active": 2,
"ecosystem_active": 0,
"retired_source_total": 1,
"official_active": 1,
"ecosystem_active": 1,
"research_active": 0,
"machine_readable_active": 1,
"has_active_official": true,
@@ -627,11 +627,11 @@
"display_name": "phpMyAdmin",
"category": "platforms",
"tier": "rolling-24m",
"source_total": 2,
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 0,
"official_active": 2,
"ecosystem_active": 0,
"retired_source_total": 1,
"official_active": 1,
"ecosystem_active": 1,
"research_active": 0,
"machine_readable_active": 1,
"has_active_official": true,
@@ -642,11 +642,11 @@
"display_name": "PrestaShop",
"category": "ecommerce",
"tier": "history-full",
"source_total": 4,
"source_total": 5,
"active_source_total": 4,
"retired_source_total": 0,
"official_active": 3,
"ecosystem_active": 1,
"retired_source_total": 1,
"official_active": 2,
"ecosystem_active": 2,
"research_active": 0,
"machine_readable_active": 1,
"has_active_official": true,
@@ -658,12 +658,12 @@
"category": "frameworks",
"tier": "rolling-24m",
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 1,
"active_source_total": 1,
"retired_source_total": 2,
"official_active": 1,
"ecosystem_active": 1,
"ecosystem_active": 0,
"research_active": 0,
"machine_readable_active": 2,
"machine_readable_active": 1,
"has_active_official": true,
"has_machine_readable_source": true
},
@@ -687,11 +687,11 @@
"display_name": "Redmine",
"category": "platforms",
"tier": "rolling-24m",
"source_total": 2,
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 0,
"official_active": 2,
"ecosystem_active": 0,
"retired_source_total": 1,
"official_active": 1,
"ecosystem_active": 1,
"research_active": 0,
"machine_readable_active": 1,
"has_active_official": true,
@@ -702,11 +702,11 @@
"display_name": "Saleor",
"category": "ecommerce",
"tier": "rolling-24m",
"source_total": 2,
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 0,
"official_active": 2,
"ecosystem_active": 0,
"retired_source_total": 1,
"official_active": 1,
"ecosystem_active": 1,
"research_active": 0,
"machine_readable_active": 1,
"has_active_official": true,
@@ -717,11 +717,11 @@
"display_name": "Shopware",
"category": "ecommerce",
"tier": "history-full",
"source_total": 2,
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 0,
"official_active": 2,
"ecosystem_active": 0,
"retired_source_total": 1,
"official_active": 1,
"ecosystem_active": 1,
"research_active": 0,
"machine_readable_active": 1,
"has_active_official": true,
@@ -838,12 +838,12 @@
"category": "frameworks",
"tier": "rolling-24m",
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 1,
"active_source_total": 1,
"retired_source_total": 2,
"official_active": 1,
"ecosystem_active": 1,
"ecosystem_active": 0,
"research_active": 0,
"machine_readable_active": 2,
"machine_readable_active": 1,
"has_active_official": true,
"has_machine_readable_source": true
},
@@ -883,12 +883,12 @@
"category": "frameworks",
"tier": "rolling-24m",
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 1,
"active_source_total": 1,
"retired_source_total": 2,
"official_active": 1,
"ecosystem_active": 1,
"ecosystem_active": 0,
"research_active": 0,
"machine_readable_active": 2,
"machine_readable_active": 1,
"has_active_official": true,
"has_machine_readable_source": true
},
@@ -912,11 +912,11 @@
"display_name": "WooCommerce",
"category": "ecommerce",
"tier": "history-full",
"source_total": 5,
"source_total": 6,
"active_source_total": 5,
"retired_source_total": 0,
"official_active": 3,
"ecosystem_active": 2,
"retired_source_total": 1,
"official_active": 2,
"ecosystem_active": 3,
"research_active": 0,
"machine_readable_active": 1,
"has_active_official": true,
@@ -928,9 +928,9 @@
"category": "cms",
"tier": "history-full",
"source_total": 6,
"active_source_total": 6,
"retired_source_total": 0,
"official_active": 2,
"active_source_total": 5,
"retired_source_total": 1,
"official_active": 1,
"ecosystem_active": 3,
"research_active": 1,
"machine_readable_active": 1,
@@ -1045,26 +1045,13 @@
{
"system_id": "drupal",
"display_name": "Drupal",
"source_name": "Drupal Security Advisories Site",
"bucket": "ecosystem_sources",
"kind": "html-links",
"retired_reason": "Drupal security index page became unstable for repeated HTML scraping; RSS + GHSA replacement is used for active monitoring.",
"source_name": "NVD Drupal",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV Drupal + Drupal official RSS now cover machine-readable collection with lower cold-start latency than NVD public search.",
"replacement_sources": [
"Drupal Security Advisories RSS",
"GHSA Drupal Core"
],
"url": "https://www.drupal.org/security"
},
{
"system_id": "drupal",
"display_name": "Drupal",
"source_name": "GHSA Drupal Core",
"bucket": "ecosystem_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; RSS and NVD remain active replacements.",
"replacement_sources": [
"Drupal Security Advisories RSS",
"NVD Drupal"
"OSV Drupal"
],
"url": ""
},
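Review bot: the retirement records for `Drupal Security Advisories Site` and `GHSA Drupal Core` (with their `retired_reason` text about scraping instability and GHSA rate limiting) are deleted here instead of the new `NVD Drupal` record being appended, so the catalog loses the audit trail of why those sources were retired, and the Drupal `retired_source_total` in the summary above goes from 2 to 1 even though three Drupal sources have been retired over time. Prefer appending retirement entries and letting `replacement_sources` chain forward. Also, the retired NVD entry is bucketed as `official_sources` while its listed replacement `Drupal Security Advisories RSS` is the project's own feed; confirm that bucket is intended.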
@@ -1080,6 +1067,18 @@
],
"url": ""
},
{
"system_id": "esbuild",
"display_name": "esbuild",
"source_name": "NVD esbuild",
"bucket": "ecosystem_sources",
"kind": "nvd-search",
"retired_reason": "OSV esbuild replaces NVD public search for lower-latency machine-readable collection.",
"replacement_sources": [
"OSV esbuild"
],
"url": ""
},
{
"system_id": "express",
"display_name": "Express",
@@ -1092,6 +1091,18 @@
],
"url": ""
},
{
"system_id": "express",
"display_name": "Express",
"source_name": "NVD Express.js",
"bucket": "ecosystem_sources",
"kind": "nvd-search",
"retired_reason": "OSV Express replaces NVD public search for lower-latency machine-readable collection.",
"replacement_sources": [
"OSV Express"
],
"url": ""
},
{
"system_id": "fastify",
"display_name": "Fastify",
@@ -1116,6 +1127,19 @@
],
"url": ""
},
{
"system_id": "ghost",
"display_name": "Ghost",
"source_name": "NVD Ghost",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV Ghost replaces NVD for machine-readable collection and keeps npm package alignment.",
"replacement_sources": [
"Ghost GitHub Advisories",
"OSV Ghost"
],
"url": ""
},
{
"system_id": "hapi",
"display_name": "Hapi",
@@ -1140,6 +1164,19 @@
],
"url": "https://www.haproxy.org/security/"
},
{
"system_id": "joomla",
"display_name": "Joomla",
"source_name": "NVD Joomla",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV Joomla CMS replaces NVD for machine-readable collection without public NVD throttling.",
"replacement_sources": [
"Joomla Security Centre",
"OSV Joomla"
],
"url": ""
},
{
"system_id": "koa",
"display_name": "Koa",
@@ -1176,6 +1213,19 @@
],
"url": "https://mattermost.com/security-updates/"
},
{
"system_id": "mattermost",
"display_name": "Mattermost",
"source_name": "NVD Mattermost",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "Mattermost official JSON feed plus OSV Mattermost replace NVD for lower-latency machine-readable collection.",
"replacement_sources": [
"Mattermost Security Updates JSON",
"OSV Mattermost"
],
"url": ""
},
{
"system_id": "mediawiki",
"display_name": "MediaWiki",
@@ -1189,6 +1239,19 @@
],
"url": "https://www.mediawiki.org/wiki/Security"
},
{
"system_id": "mediawiki",
"display_name": "MediaWiki",
"source_name": "NVD MediaWiki",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "MediaWiki announce RSS plus OSV MediaWiki now replace NVD for lower-latency machine-readable collection.",
"replacement_sources": [
"MediaWiki Announce RSS",
"OSV MediaWiki"
],
"url": ""
},
{
"system_id": "moodle",
"display_name": "Moodle",
@@ -1201,6 +1264,18 @@
],
"url": "https://moodle.org/security/"
},
{
"system_id": "moodle",
"display_name": "Moodle",
"source_name": "NVD Moodle",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV Moodle replaces NVD for machine-readable collection while official Moodle sources remain for cross-checking.",
"replacement_sources": [
"OSV Moodle"
],
"url": ""
},
{
"system_id": "nestjs",
"display_name": "NestJS",
@@ -1213,6 +1288,18 @@
],
"url": ""
},
{
"system_id": "nestjs",
"display_name": "NestJS",
"source_name": "NVD NestJS",
"bucket": "ecosystem_sources",
"kind": "nvd-search",
"retired_reason": "OSV NestJS replaces NVD public search for lower-latency machine-readable collection.",
"replacement_sources": [
"OSV NestJS"
],
"url": ""
},
{
"system_id": "nextjs",
"display_name": "Next.js",
@@ -1239,6 +1326,59 @@
],
"url": ""
},
{
"system_id": "opencart",
"display_name": "OpenCart",
"source_name": "NVD OpenCart",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV OpenCart replaces NVD for machine-readable collection while official release source remains active.",
"replacement_sources": [
"OpenCart Releases",
"OSV OpenCart"
],
"url": ""
},
{
"system_id": "openmage",
"display_name": "OpenMage / Mage-OS",
"source_name": "NVD OpenMage",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV OpenMage replaces NVD for machine-readable composer-aligned collection.",
"replacement_sources": [
"OpenMage GitHub Advisories",
"OSV OpenMage"
],
"url": ""
},
{
"system_id": "phpmyadmin",
"display_name": "phpMyAdmin",
"source_name": "NVD phpMyAdmin",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV phpMyAdmin replaces NVD for machine-readable collection while the official security page remains active.",
"replacement_sources": [
"phpMyAdmin Security Page",
"OSV phpMyAdmin"
],
"url": ""
},
{
"system_id": "prestashop",
"display_name": "PrestaShop",
"source_name": "NVD PrestaShop",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV PrestaShop replaces NVD for machine-readable collection while official and ecosystem advisories remain active.",
"replacement_sources": [
"PrestaShop Security Page",
"GitHub PrestaShop Advisories",
"OSV PrestaShop"
],
"url": ""
},
{
"system_id": "rails",
"display_name": "Ruby on Rails",
@@ -1251,6 +1391,18 @@
],
"url": ""
},
{
"system_id": "rails",
"display_name": "Ruby on Rails",
"source_name": "NVD Ruby on Rails",
"bucket": "ecosystem_sources",
"kind": "nvd-search",
"retired_reason": "OSV Rails replaces NVD public search for lower-latency machine-readable collection.",
"replacement_sources": [
"OSV Rails"
],
"url": ""
},
{
"system_id": "react",
"display_name": "React",
@@ -1264,6 +1416,44 @@
],
"url": ""
},
{
"system_id": "redmine",
"display_name": "Redmine",
"source_name": "NVD Redmine",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "Official Redmine advisories page remains active and NVD public search is retired to reduce cold-start latency.",
"replacement_sources": [
"Redmine Security Advisories"
],
"url": ""
},
{
"system_id": "saleor",
"display_name": "Saleor",
"source_name": "NVD Saleor",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV Saleor replaces NVD for machine-readable collection and aligns with the published PyPI package.",
"replacement_sources": [
"GitHub Saleor Advisories",
"OSV Saleor"
],
"url": ""
},
{
"system_id": "shopware",
"display_name": "Shopware",
"source_name": "NVD Shopware",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV Shopware replaces NVD for machine-readable collection with lower cold-start overhead.",
"replacement_sources": [
"Shopware Security Advisories",
"OSV Shopware"
],
"url": ""
},
{
"system_id": "spring-boot",
"display_name": "Spring Boot",
@@ -1339,6 +1529,18 @@
],
"url": ""
},
{
"system_id": "undici",
"display_name": "Undici",
"source_name": "NVD Undici",
"bucket": "ecosystem_sources",
"kind": "nvd-search",
"retired_reason": "OSV Undici replaces NVD public search for lower-latency machine-readable collection.",
"replacement_sources": [
"OSV Undici"
],
"url": ""
},
{
"system_id": "vite",
"display_name": "Vite",
@@ -1377,6 +1579,18 @@
],
"url": ""
},
{
"system_id": "webpack",
"display_name": "webpack",
"source_name": "NVD webpack",
"bucket": "ecosystem_sources",
"kind": "nvd-search",
"retired_reason": "OSV webpack replaces NVD public search for lower-latency machine-readable collection.",
"replacement_sources": [
"OSV webpack"
],
"url": ""
},
{
"system_id": "werkzeug",
"display_name": "Werkzeug",
@@ -1388,6 +1602,34 @@
"OSV Werkzeug"
],
"url": ""
},
{
"system_id": "woocommerce",
"display_name": "WooCommerce",
"source_name": "NVD WooCommerce",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV WooCommerce replaces NVD for machine-readable collection while official and ecosystem advisory pages remain active.",
"replacement_sources": [
"Woo Developer Advisories",
"GitHub WooCommerce Advisories",
"OSV WooCommerce"
],
"url": ""
},
{
"system_id": "wordpress",
"display_name": "WordPress",
"source_name": "NVD WordPress",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "WordPress official RSS plus ecosystem plugin intelligence cover active collection with lower cold-start latency and lower public-search dependence than NVD.",
"replacement_sources": [
"WordPress Security News RSS",
"Wordfence Vulnerability Database",
"WPScan Vulnerability Database"
],
"url": ""
}
],
"replacement_map": [
@@ -1456,18 +1698,10 @@
},
{
"system_id": "drupal",
"retired_source": "Drupal Security Advisories Site",
"retired_source": "NVD Drupal",
"replacement_sources": [
"Drupal Security Advisories RSS",
"GHSA Drupal Core"
]
},
{
"system_id": "drupal",
"retired_source": "GHSA Drupal Core",
"replacement_sources": [
"Drupal Security Advisories RSS",
"NVD Drupal"
"OSV Drupal"
]
},
{
@@ -1477,6 +1711,13 @@
"OSV esbuild"
]
},
{
"system_id": "esbuild",
"retired_source": "NVD esbuild",
"replacement_sources": [
"OSV esbuild"
]
},
{
"system_id": "express",
"retired_source": "GitHub Global Advisories",
@@ -1484,6 +1725,13 @@
"OSV Express"
]
},
{
"system_id": "express",
"retired_source": "NVD Express.js",
"replacement_sources": [
"OSV Express"
]
},
{
"system_id": "fastify",
"retired_source": "GitHub Global Advisories",
@@ -1498,6 +1746,14 @@
"OSV Flask"
]
},
{
"system_id": "ghost",
"retired_source": "NVD Ghost",
"replacement_sources": [
"Ghost GitHub Advisories",
"OSV Ghost"
]
},
{
"system_id": "hapi",
"retired_source": "GitHub Global Advisories",
@@ -1512,6 +1768,14 @@
"HAProxy Blog Feed"
]
},
{
"system_id": "joomla",
"retired_source": "NVD Joomla",
"replacement_sources": [
"Joomla Security Centre",
"OSV Joomla"
]
},
{
"system_id": "koa",
"retired_source": "GitHub Global Advisories",
@@ -1533,6 +1797,14 @@
"NVD Mattermost"
]
},
{
"system_id": "mattermost",
"retired_source": "NVD Mattermost",
"replacement_sources": [
"Mattermost Security Updates JSON",
"OSV Mattermost"
]
},
{
"system_id": "mediawiki",
"retired_source": "MediaWiki Security Releases",
@@ -1541,6 +1813,14 @@
"NVD MediaWiki"
]
},
{
"system_id": "mediawiki",
"retired_source": "NVD MediaWiki",
"replacement_sources": [
"MediaWiki Announce RSS",
"OSV MediaWiki"
]
},
{
"system_id": "moodle",
"retired_source": "Moodle Security News",
@@ -1548,6 +1828,13 @@
"NVD Moodle"
]
},
{
"system_id": "moodle",
"retired_source": "NVD Moodle",
"replacement_sources": [
"OSV Moodle"
]
},
{
"system_id": "nestjs",
"retired_source": "GitHub Global Advisories",
@@ -1555,6 +1842,13 @@
"OSV NestJS"
]
},
{
"system_id": "nestjs",
"retired_source": "NVD NestJS",
"replacement_sources": [
"OSV NestJS"
]
},
{
"system_id": "nextjs",
"retired_source": "GitHub Global Advisories",
@@ -1571,6 +1865,39 @@
"OSV Nuxt"
]
},
{
"system_id": "opencart",
"retired_source": "NVD OpenCart",
"replacement_sources": [
"OpenCart Releases",
"OSV OpenCart"
]
},
{
"system_id": "openmage",
"retired_source": "NVD OpenMage",
"replacement_sources": [
"OpenMage GitHub Advisories",
"OSV OpenMage"
]
},
{
"system_id": "phpmyadmin",
"retired_source": "NVD phpMyAdmin",
"replacement_sources": [
"phpMyAdmin Security Page",
"OSV phpMyAdmin"
]
},
{
"system_id": "prestashop",
"retired_source": "NVD PrestaShop",
"replacement_sources": [
"PrestaShop Security Page",
"GitHub PrestaShop Advisories",
"OSV PrestaShop"
]
},
{
"system_id": "rails",
"retired_source": "GitHub Global Advisories",
@@ -1578,6 +1905,13 @@
"OSV Rails"
]
},
{
"system_id": "rails",
"retired_source": "NVD Ruby on Rails",
"replacement_sources": [
"OSV Rails"
]
},
{
"system_id": "react",
"retired_source": "GitHub Global Advisories",
@@ -1586,6 +1920,29 @@
"OSV React"
]
},
{
"system_id": "redmine",
"retired_source": "NVD Redmine",
"replacement_sources": [
"Redmine Security Advisories"
]
},
{
"system_id": "saleor",
"retired_source": "NVD Saleor",
"replacement_sources": [
"GitHub Saleor Advisories",
"OSV Saleor"
]
},
{
"system_id": "shopware",
"retired_source": "NVD Shopware",
"replacement_sources": [
"Shopware Security Advisories",
"OSV Shopware"
]
},
{
"system_id": "spring-boot",
"retired_source": "GitHub Global Advisories",
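Review bot: the `NVD Redmine` record is the only NVD retirement in this batch whose `replacement_sources` names no OSV feed (`Redmine Security Advisories` alone, an HTML page), even though the architecture mirror in this same commit now lists `OSV Redmine` as Redmine's ecosystem source. Add `OSV Redmine` here so the replacement map keeps a machine-readable target, matching the `Saleor` and `Shopware` records right below it.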
@@ -1631,6 +1988,13 @@
"OSV Undici"
]
},
{
"system_id": "undici",
"retired_source": "NVD Undici",
"replacement_sources": [
"OSV Undici"
]
},
{
"system_id": "vite",
"retired_source": "GitHub Global Advisories",
@@ -1654,12 +2018,37 @@
"OSV webpack"
]
},
{
"system_id": "webpack",
"retired_source": "NVD webpack",
"replacement_sources": [
"OSV webpack"
]
},
{
"system_id": "werkzeug",
"retired_source": "GitHub Global Advisories",
"replacement_sources": [
"OSV Werkzeug"
]
},
{
"system_id": "woocommerce",
"retired_source": "NVD WooCommerce",
"replacement_sources": [
"Woo Developer Advisories",
"GitHub WooCommerce Advisories",
"OSV WooCommerce"
]
},
{
"system_id": "wordpress",
"retired_source": "NVD WordPress",
"replacement_sources": [
"WordPress Security News RSS",
"Wordfence Vulnerability Database",
"WPScan Vulnerability Database"
]
}
]
}

View file

@@ -87,7 +87,7 @@
<h1>当前架构库镜像</h1>
<div class="meta">工作台内置镜像页:当前架构库结构化数据镜像。</div>
<pre>{
&quot;generated_at&quot;: &quot;2026-03-18T21:23:23+00:00&quot;,
&quot;generated_at&quot;: &quot;2026-03-19T02:23:04+00:00&quot;,
&quot;title&quot;: &quot;当前架构库&quot;,
&quot;summary&quot;: &quot;工作台、控制面、数据层、授权边界与系统覆盖的当前真值视图。&quot;,
&quot;sections&quot;: [
@@ -137,7 +137,7 @@
},
{
&quot;label&quot;: &quot;生成时间&quot;,
&quot;value&quot;: &quot;2026-03-18T21:23:23+00:00&quot;
&quot;value&quot;: &quot;2026-03-19T02:23:04+00:00&quot;
}
],
&quot;links&quot;: [
@@ -688,7 +688,7 @@
&quot;badges&quot;: [
&quot;历史全量&quot;,
&quot;官方源 2&quot;,
&quot;生态源 2&quot;,
&quot;生态源 1&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -725,7 +725,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;Drupal Security Advisories Site\nGHSA Drupal Core&quot;
&quot;value&quot;: &quot;OSV Drupal&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -773,7 +773,7 @@
&quot;badges&quot;: [
&quot;历史全量&quot;,
&quot;官方源 2&quot;,
&quot;生态源 0&quot;,
&quot;生态源 1&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -810,7 +810,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;-&quot;
&quot;value&quot;: &quot;OSV Ghost&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -858,7 +858,7 @@
&quot;badges&quot;: [
&quot;历史全量&quot;,
&quot;官方源 2&quot;,
&quot;生态源 0&quot;,
&quot;生态源 1&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -895,7 +895,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;-&quot;
&quot;value&quot;: &quot;OSV Joomla&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -943,7 +943,7 @@
&quot;badges&quot;: [
&quot;近两年全量&quot;,
&quot;官方源 3&quot;,
&quot;生态源 0&quot;,
&quot;生态源 1&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -980,7 +980,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;-&quot;
&quot;value&quot;: &quot;OSV MediaWiki&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -1028,7 +1028,7 @@
&quot;badges&quot;: [
&quot;近两年全量&quot;,
&quot;官方源 2&quot;,
&quot;生态源 0&quot;,
&quot;生态源 1&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -1065,7 +1065,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;-&quot;
&quot;value&quot;: &quot;OSV Moodle&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -1231,7 +1231,7 @@
&quot;fields&quot;: [
{
&quot;label&quot;: &quot;官方来源&quot;,
&quot;value&quot;: &quot;WordPress Security News\nNVD WordPress&quot;
&quot;value&quot;: &quot;WordPress Security News RSS\nNVD WordPress&quot;
},
{
&quot;label&quot;: &quot;生态来源&quot;,
@@ -4300,7 +4300,7 @@
&quot;badges&quot;: [
&quot;近两年全量&quot;,
&quot;官方源 3&quot;,
&quot;生态源 0&quot;,
&quot;生态源 1&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -4337,7 +4337,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;-&quot;
&quot;value&quot;: &quot;OSV Mattermost&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -4385,7 +4385,7 @@
&quot;badges&quot;: [
&quot;近两年全量&quot;,
&quot;官方源 2&quot;,
&quot;生态源 0&quot;,
&quot;生态源 1&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -4422,7 +4422,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;-&quot;
&quot;value&quot;: &quot;OSV Redmine&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -4470,7 +4470,7 @@
&quot;badges&quot;: [
&quot;近两年全量&quot;,
&quot;官方源 2&quot;,
&quot;生态源 0&quot;,
&quot;生态源 1&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -4507,7 +4507,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;-&quot;
&quot;value&quot;: &quot;OSV phpMyAdmin&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -5362,7 +5362,7 @@
&quot;badges&quot;: [
&quot;历史全量&quot;,
&quot;官方源 2&quot;,
&quot;生态源 0&quot;,
&quot;生态源 1&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -5399,7 +5399,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;-&quot;
&quot;value&quot;: &quot;OSV OpenCart&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -5447,7 +5447,7 @@
&quot;badges&quot;: [
&quot;近两年全量&quot;,
&quot;官方源 2&quot;,
&quot;生态源 0&quot;,
&quot;生态源 1&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -5484,7 +5484,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;-&quot;
&quot;value&quot;: &quot;OSV OpenMage&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -5532,7 +5532,7 @@
&quot;badges&quot;: [
&quot;历史全量&quot;,
&quot;官方源 3&quot;,
&quot;生态源 1&quot;,
&quot;生态源 2&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -5569,7 +5569,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;Friends Of Presta Security&quot;
&quot;value&quot;: &quot;OSV PrestaShop\nFriends Of Presta Security&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -5617,7 +5617,7 @@
&quot;badges&quot;: [
&quot;近两年全量&quot;,
&quot;官方源 2&quot;,
&quot;生态源 0&quot;,
&quot;生态源 1&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -5654,7 +5654,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;-&quot;
&quot;value&quot;: &quot;OSV Saleor&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -5702,7 +5702,7 @@
&quot;badges&quot;: [
&quot;历史全量&quot;,
&quot;官方源 2&quot;,
&quot;生态源 0&quot;,
&quot;生态源 1&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -5739,7 +5739,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;-&quot;
&quot;value&quot;: &quot;OSV Shopware&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,
@@ -5787,7 +5787,7 @@
&quot;badges&quot;: [
&quot;历史全量&quot;,
&quot;官方源 3&quot;,
&quot;生态源 2&quot;,
&quot;生态源 3&quot;,
&quot;研究源 0&quot;
],
&quot;fields&quot;: [
@@ -5824,7 +5824,7 @@
},
{
&quot;label&quot;: &quot;生态来源&quot;,
&quot;value&quot;: &quot;Patchstack Database\nWordfence Vulnerability Database&quot;
&quot;value&quot;: &quot;OSV WooCommerce\nPatchstack Database\nWordfence Vulnerability Database&quot;
},
{
&quot;label&quot;: &quot;研究来源&quot;,

View file

@@ -125,7 +125,7 @@
| Medusa | `ecommerce` | `rolling-24m` | `-` | `yes` | `15` | `0` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `15` | `` |
| Moodle | `cms` | `rolling-24m` | `-` | `yes` | `40` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `40` | `2025-04-09T00:30:58.490` |
| NestJS | `frameworks` | `rolling-24m` | `-` | `yes` | `2` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `2` | `2026-03-02T20:30:10.923` |
| Next.js | `frameworks` | `history-full` | `yes` | `yes` | `66` | `41` | `3` | `seeded` | `real:26/synthetic:0/blocked:0` | `21` | `26` | `25` | `2026-03-17T16:31:34.160932Z` |
| Next.js | `frameworks` | `history-full` | `yes` | `yes` | `66` | `41` | `3` | `seeded` | `real:26/synthetic:0/blocked:0` | `21` | `26` | `25` | `2026-03-18T22:02:16.858114Z` |
| Nginx | `servers` | `history-full` | `yes` | `yes` | `110` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `110` | `2025-08-12T17:24:44.367` |
| Node.js | `frameworks` | `history-full` | `yes` | `yes` | `8` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `8` | `2025-01-21` |
| Nuxt | `frameworks` | `history-full` | `yes` | `yes` | `28` | `5` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `23` | `2025-09-18T13:04:21Z` |
@@ -145,7 +145,7 @@
| SvelteKit | `frameworks` | `rolling-24m` | `-` | `yes` | `3` | `3` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-02-28T06:27:26.115188Z` |
| Symfony | `frameworks` | `rolling-24m` | `-` | `yes` | `9` | `9` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-03-13T22:16:14.858636Z` |
| Traefik | `servers` | `rolling-24m` | `-` | `yes` | `43` | `0` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `27` | `2026-03-18T13:59:10.423590Z` |
| Undici | `frameworks` | `rolling-24m` | `-` | `yes` | `16` | `15` | `2` | `seeded` | `real:7/synthetic:0/blocked:0` | `0` | `7` | `1` | `2026-03-14T09:19:54.772219Z` |
| Undici | `frameworks` | `rolling-24m` | `-` | `yes` | `16` | `15` | `2` | `seeded` | `real:7/synthetic:0/blocked:0` | `0` | `7` | `1` | `2026-03-18T23:58:57.714731Z` |
| Vite | `frameworks` | `history-full` | `yes` | `yes` | `42` | `16` | `3` | `seeded` | `real:12/synthetic:0/blocked:0` | `12` | `12` | `26` | `2026-02-04T04:37:24.129476Z` |
| Vue | `frameworks` | `history-full` | `yes` | `yes` | `15` | `1` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `14` | `2024-10-24T19:12:14.925352Z` |
| webpack | `frameworks` | `rolling-24m` | `-` | `yes` | `1` | `0` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `1` | `2026-02-27T17:21:22.370` |

View file

@@ -193,26 +193,13 @@
{
&quot;system_id&quot;: &quot;drupal&quot;,
&quot;display_name&quot;: &quot;Drupal&quot;,
&quot;source_name&quot;: &quot;Drupal Security Advisories Site&quot;,
&quot;bucket&quot;: &quot;ecosystem_sources&quot;,
&quot;kind&quot;: &quot;html-links&quot;,
&quot;retired_reason&quot;: &quot;Drupal security index page became unstable for repeated HTML scraping; RSS + GHSA replacement is used for active monitoring.&quot;,
&quot;source_name&quot;: &quot;NVD Drupal&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV Drupal + Drupal official RSS now cover machine-readable collection with lower cold-start latency than NVD public search.&quot;,
&quot;replacement_sources&quot;: [
&quot;Drupal Security Advisories RSS&quot;,
&quot;GHSA Drupal Core&quot;
],
&quot;url&quot;: &quot;https://www.drupal.org/security&quot;
},
{
&quot;system_id&quot;: &quot;drupal&quot;,
&quot;display_name&quot;: &quot;Drupal&quot;,
&quot;source_name&quot;: &quot;GHSA Drupal Core&quot;,
&quot;bucket&quot;: &quot;ecosystem_sources&quot;,
&quot;kind&quot;: &quot;ghsa-global&quot;,
&quot;retired_reason&quot;: &quot;Unauthenticated GHSA API requests are rate-limited in daily monitoring; RSS and NVD remain active replacements.&quot;,
&quot;replacement_sources&quot;: [
&quot;Drupal Security Advisories RSS&quot;,
&quot;NVD Drupal&quot;
&quot;OSV Drupal&quot;
],
&quot;url&quot;: &quot;&quot;
},
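Review bot: the new `NVD Drupal` record carries `"url": ""`, inherited from the removed `GHSA Drupal Core` record, while the removed `Drupal Security Advisories Site` record kept `https://www.drupal.org/security` and the HAProxy, Mattermost, MediaWiki and Moodle records further down keep theirs. Every `nvd-search` record added in this file is empty in the same way. If `url` is meant to let an operator re-check a retired source by hand, the NVD query URL should be recorded; if `url` is only meaningful for scraped pages, say so in the schema so the empty string is not read as missing data.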
@@ -228,6 +215,18 @@
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;esbuild&quot;,
&quot;display_name&quot;: &quot;esbuild&quot;,
&quot;source_name&quot;: &quot;NVD esbuild&quot;,
&quot;bucket&quot;: &quot;ecosystem_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV esbuild replaces NVD public search for lower-latency machine-readable collection.&quot;,
&quot;replacement_sources&quot;: [
&quot;OSV esbuild&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;express&quot;,
&quot;display_name&quot;: &quot;Express&quot;,
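Review bot: `NVD esbuild` is bucketed as `ecosystem_sources` while `NVD Ghost`, `NVD Joomla`, `NVD Mattermost` and the other NVD retirements in this file sit in `official_sources`; the same split applies to the Express, NestJS, Rails, Undici and webpack records. If the rule is that NVD counts as official for applications and as ecosystem for library and framework packages, write that rule into the catalog schema, because the `官方源` / `生态源` badge counts on the mirror page appear to be derived from this bucket and a misfiled NVD record silently shifts a system's official-source count.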
@@ -240,6 +239,18 @@
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;express&quot;,
&quot;display_name&quot;: &quot;Express&quot;,
&quot;source_name&quot;: &quot;NVD Express.js&quot;,
&quot;bucket&quot;: &quot;ecosystem_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV Express replaces NVD public search for lower-latency machine-readable collection.&quot;,
&quot;replacement_sources&quot;: [
&quot;OSV Express&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;fastify&quot;,
&quot;display_name&quot;: &quot;Fastify&quot;,
@@ -264,6 +275,19 @@
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;ghost&quot;,
&quot;display_name&quot;: &quot;Ghost&quot;,
&quot;source_name&quot;: &quot;NVD Ghost&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV Ghost replaces NVD for machine-readable collection and keeps npm package alignment.&quot;,
&quot;replacement_sources&quot;: [
&quot;Ghost GitHub Advisories&quot;,
&quot;OSV Ghost&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;hapi&quot;,
&quot;display_name&quot;: &quot;Hapi&quot;,
@@ -288,6 +312,19 @@
],
&quot;url&quot;: &quot;https://www.haproxy.org/security/&quot;
},
{
&quot;system_id&quot;: &quot;joomla&quot;,
&quot;display_name&quot;: &quot;Joomla&quot;,
&quot;source_name&quot;: &quot;NVD Joomla&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV Joomla CMS replaces NVD for machine-readable collection without public NVD throttling.&quot;,
&quot;replacement_sources&quot;: [
&quot;Joomla Security Centre&quot;,
&quot;OSV Joomla&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;koa&quot;,
&quot;display_name&quot;: &quot;Koa&quot;,
@@ -324,6 +361,19 @@
],
&quot;url&quot;: &quot;https://mattermost.com/security-updates/&quot;
},
{
&quot;system_id&quot;: &quot;mattermost&quot;,
&quot;display_name&quot;: &quot;Mattermost&quot;,
&quot;source_name&quot;: &quot;NVD Mattermost&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;Mattermost official JSON feed plus OSV Mattermost replace NVD for lower-latency machine-readable collection.&quot;,
&quot;replacement_sources&quot;: [
&quot;Mattermost Security Updates JSON&quot;,
&quot;OSV Mattermost&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;mediawiki&quot;,
&quot;display_name&quot;: &quot;MediaWiki&quot;,
@@ -337,6 +387,19 @@
],
&quot;url&quot;: &quot;https://www.mediawiki.org/wiki/Security&quot;
},
{
&quot;system_id&quot;: &quot;mediawiki&quot;,
&quot;display_name&quot;: &quot;MediaWiki&quot;,
&quot;source_name&quot;: &quot;NVD MediaWiki&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;MediaWiki announce RSS plus OSV MediaWiki now replace NVD for lower-latency machine-readable collection.&quot;,
&quot;replacement_sources&quot;: [
&quot;MediaWiki Announce RSS&quot;,
&quot;OSV MediaWiki&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;moodle&quot;,
&quot;display_name&quot;: &quot;Moodle&quot;,
@@ -349,6 +412,18 @@
],
&quot;url&quot;: &quot;https://moodle.org/security/&quot;
},
{
&quot;system_id&quot;: &quot;moodle&quot;,
&quot;display_name&quot;: &quot;Moodle&quot;,
&quot;source_name&quot;: &quot;NVD Moodle&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV Moodle replaces NVD for machine-readable collection while official Moodle sources remain for cross-checking.&quot;,
&quot;replacement_sources&quot;: [
&quot;OSV Moodle&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;nestjs&quot;,
&quot;display_name&quot;: &quot;NestJS&quot;,
@@ -361,6 +436,18 @@
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;nestjs&quot;,
&quot;display_name&quot;: &quot;NestJS&quot;,
&quot;source_name&quot;: &quot;NVD NestJS&quot;,
&quot;bucket&quot;: &quot;ecosystem_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV NestJS replaces NVD public search for lower-latency machine-readable collection.&quot;,
&quot;replacement_sources&quot;: [
&quot;OSV NestJS&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;nextjs&quot;,
&quot;display_name&quot;: &quot;Next.js&quot;,
@@ -387,6 +474,59 @@
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;opencart&quot;,
&quot;display_name&quot;: &quot;OpenCart&quot;,
&quot;source_name&quot;: &quot;NVD OpenCart&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV OpenCart replaces NVD for machine-readable collection while official release source remains active.&quot;,
&quot;replacement_sources&quot;: [
&quot;OpenCart Releases&quot;,
&quot;OSV OpenCart&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;openmage&quot;,
&quot;display_name&quot;: &quot;OpenMage / Mage-OS&quot;,
&quot;source_name&quot;: &quot;NVD OpenMage&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV OpenMage replaces NVD for machine-readable composer-aligned collection.&quot;,
&quot;replacement_sources&quot;: [
&quot;OpenMage GitHub Advisories&quot;,
&quot;OSV OpenMage&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;phpmyadmin&quot;,
&quot;display_name&quot;: &quot;phpMyAdmin&quot;,
&quot;source_name&quot;: &quot;NVD phpMyAdmin&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV phpMyAdmin replaces NVD for machine-readable collection while the official security page remains active.&quot;,
&quot;replacement_sources&quot;: [
&quot;phpMyAdmin Security Page&quot;,
&quot;OSV phpMyAdmin&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;prestashop&quot;,
&quot;display_name&quot;: &quot;PrestaShop&quot;,
&quot;source_name&quot;: &quot;NVD PrestaShop&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV PrestaShop replaces NVD for machine-readable collection while official and ecosystem advisories remain active.&quot;,
&quot;replacement_sources&quot;: [
&quot;PrestaShop Security Page&quot;,
&quot;GitHub PrestaShop Advisories&quot;,
&quot;OSV PrestaShop&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;rails&quot;,
&quot;display_name&quot;: &quot;Ruby on Rails&quot;,
@@ -399,6 +539,18 @@
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;rails&quot;,
&quot;display_name&quot;: &quot;Ruby on Rails&quot;,
&quot;source_name&quot;: &quot;NVD Ruby on Rails&quot;,
&quot;bucket&quot;: &quot;ecosystem_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV Rails replaces NVD public search for lower-latency machine-readable collection.&quot;,
&quot;replacement_sources&quot;: [
&quot;OSV Rails&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;react&quot;,
&quot;display_name&quot;: &quot;React&quot;,
@@ -412,6 +564,44 @@
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;redmine&quot;,
&quot;display_name&quot;: &quot;Redmine&quot;,
&quot;source_name&quot;: &quot;NVD Redmine&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;Official Redmine advisories page remains active and NVD public search is retired to reduce cold-start latency.&quot;,
&quot;replacement_sources&quot;: [
&quot;Redmine Security Advisories&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;saleor&quot;,
&quot;display_name&quot;: &quot;Saleor&quot;,
&quot;source_name&quot;: &quot;NVD Saleor&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV Saleor replaces NVD for machine-readable collection and aligns with the published PyPI package.&quot;,
&quot;replacement_sources&quot;: [
&quot;GitHub Saleor Advisories&quot;,
&quot;OSV Saleor&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;shopware&quot;,
&quot;display_name&quot;: &quot;Shopware&quot;,
&quot;source_name&quot;: &quot;NVD Shopware&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV Shopware replaces NVD for machine-readable collection with lower cold-start overhead.&quot;,
&quot;replacement_sources&quot;: [
&quot;Shopware Security Advisories&quot;,
&quot;OSV Shopware&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;spring-boot&quot;,
&quot;display_name&quot;: &quot;Spring Boot&quot;,
@@ -487,6 +677,18 @@
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;undici&quot;,
&quot;display_name&quot;: &quot;Undici&quot;,
&quot;source_name&quot;: &quot;NVD Undici&quot;,
&quot;bucket&quot;: &quot;ecosystem_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV Undici replaces NVD public search for lower-latency machine-readable collection.&quot;,
&quot;replacement_sources&quot;: [
&quot;OSV Undici&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;vite&quot;,
&quot;display_name&quot;: &quot;Vite&quot;,
@@ -525,6 +727,18 @@
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;webpack&quot;,
&quot;display_name&quot;: &quot;webpack&quot;,
&quot;source_name&quot;: &quot;NVD webpack&quot;,
&quot;bucket&quot;: &quot;ecosystem_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV webpack replaces NVD public search for lower-latency machine-readable collection.&quot;,
&quot;replacement_sources&quot;: [
&quot;OSV webpack&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;werkzeug&quot;,
&quot;display_name&quot;: &quot;Werkzeug&quot;,
@@ -536,6 +750,34 @@
&quot;OSV Werkzeug&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;woocommerce&quot;,
&quot;display_name&quot;: &quot;WooCommerce&quot;,
&quot;source_name&quot;: &quot;NVD WooCommerce&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;OSV WooCommerce replaces NVD for machine-readable collection while official and ecosystem advisory pages remain active.&quot;,
&quot;replacement_sources&quot;: [
&quot;Woo Developer Advisories&quot;,
&quot;GitHub WooCommerce Advisories&quot;,
&quot;OSV WooCommerce&quot;
],
&quot;url&quot;: &quot;&quot;
},
{
&quot;system_id&quot;: &quot;wordpress&quot;,
&quot;display_name&quot;: &quot;WordPress&quot;,
&quot;source_name&quot;: &quot;NVD WordPress&quot;,
&quot;bucket&quot;: &quot;official_sources&quot;,
&quot;kind&quot;: &quot;nvd-search&quot;,
&quot;retired_reason&quot;: &quot;WordPress official RSS plus ecosystem plugin intelligence cover active collection with lower cold-start latency and lower public-search dependence than NVD.&quot;,
&quot;replacement_sources&quot;: [
&quot;WordPress Security News RSS&quot;,
&quot;Wordfence Vulnerability Database&quot;,
&quot;WPScan Vulnerability Database&quot;
],
&quot;url&quot;: &quot;&quot;
}
]</pre>
</div>

View file

@@ -88,12 +88,12 @@
<div class="meta">工作台内置镜像页active/retired source、replacement map 与覆盖摘要。</div>
<pre># Source Catalog Audit
- generated_at: `2026-03-18T21:16:34+00:00`
- generated_at: `2026-03-19T02:22:09+00:00`
- systems: `62`
- sources: `161`
- active_sources: `125`
- retired_sources: `36`
- systems_with_active_official: `62/62`
- sources: `173`
- active_sources: `118`
- retired_sources: `55`
- systems_with_active_official: `61/62`
- systems_with_machine_readable_source: `62/62`
## Retired Sources
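Review bot: `systems_with_active_official` drops from `62/62` to `61/62` in this change and the summary does not say which system regressed. From the retired list below it is Moodle: `Moodle Security News` was already retired in favour of `NVD Moodle`, and `NVD Moodle` is now retired in favour of `OSV Moodle`, an ecosystem source, leaving no active official source. Either keep `NVD Moodle` active until the Moodle security-page parser mentioned in that entry exists, or have the audit print the systems lacking an active official source so a regression shows up as a name rather than a count.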
@@ -106,34 +106,53 @@
- `discourse` `Discourse Meta Security` -&gt; replacements: `Discourse Release Notes RSS, GitHub Discourse Advisories` | reason: Meta security category HTML changed and no longer provides stable scrape semantics for health checks.
- `discourse` `GitHub Discourse Advisories` -&gt; replacements: `Discourse Release Notes RSS, Discourse Security RSS` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Discourse release feed remains the active official source.
- `django` `Django Security RSS` -&gt; replacements: `Django Security Weblog, Django Security Releases Archive` | reason: Official security tag feed became unstable; use official weblog index and release archive instead.
- `drupal` `Drupal Security Advisories Site` -&gt; replacements: `Drupal Security Advisories RSS, GHSA Drupal Core` | reason: Drupal security index page became unstable for repeated HTML scraping; RSS + GHSA replacement is used for active monitoring.
- `drupal` `GHSA Drupal Core` -&gt; replacements: `Drupal Security Advisories RSS, NVD Drupal` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; RSS and NVD remain active replacements.
- `drupal` `NVD Drupal` -&gt; replacements: `Drupal Security Advisories RSS, OSV Drupal` | reason: OSV Drupal + Drupal official RSS now cover machine-readable collection with lower cold-start latency than NVD public search.
- `esbuild` `GitHub Global Advisories` -&gt; replacements: `OSV esbuild` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV esbuild remains the active replacement source.
- `esbuild` `NVD esbuild` -&gt; replacements: `OSV esbuild` | reason: OSV esbuild replaces NVD public search for lower-latency machine-readable collection.
- `express` `GitHub Global Advisories` -&gt; replacements: `OSV Express` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Express remains the active replacement source.
- `express` `NVD Express.js` -&gt; replacements: `OSV Express` | reason: OSV Express replaces NVD public search for lower-latency machine-readable collection.
- `fastify` `GitHub Global Advisories` -&gt; replacements: `OSV Fastify` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Fastify remains the active replacement source.
- `flask` `GitHub Global Advisories` -&gt; replacements: `OSV Flask` | reason: Unauthenticated GitHub advisory API is quota-limited; OSV Flask remains the active machine-readable source.
- `ghost` `NVD Ghost` -&gt; replacements: `Ghost GitHub Advisories, OSV Ghost` | reason: OSV Ghost replaces NVD for machine-readable collection and keeps npm package alignment.
- `hapi` `GitHub Global Advisories` -&gt; replacements: `OSV Hapi` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Hapi remains the active replacement source.
- `haproxy` `HAProxy Security Advisories` -&gt; replacements: `HAProxy Blog Feed` | reason: Legacy haproxy.org security page no longer yields stable scrape results for monitoring.
- `joomla` `NVD Joomla` -&gt; replacements: `Joomla Security Centre, OSV Joomla` | reason: OSV Joomla CMS replaces NVD for machine-readable collection without public NVD throttling.
- `koa` `GitHub Global Advisories` -&gt; replacements: `OSV Koa` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Koa remains the active replacement source.
- `laravel` `GitHub Global Advisories` -&gt; replacements: `OSV Laravel` | reason: Unauthenticated GitHub advisory API is quota-limited; OSV Laravel remains the active machine-readable source.
- `mattermost` `Mattermost Security Updates` -&gt; replacements: `NVD Mattermost` | reason: Mattermost security updates page returned repeated 403 responses from the collector path; NVD replacement remains active.
- `mattermost` `NVD Mattermost` -&gt; replacements: `Mattermost Security Updates JSON, OSV Mattermost` | reason: Mattermost official JSON feed plus OSV Mattermost replace NVD for lower-latency machine-readable collection.
- `mediawiki` `MediaWiki Security Releases` -&gt; replacements: `MediaWiki Announce RSS, NVD MediaWiki` | reason: MediaWiki security page is no longer reachable reliably from the collector path; NVD replacement remains active.
- `mediawiki` `NVD MediaWiki` -&gt; replacements: `MediaWiki Announce RSS, OSV MediaWiki` | reason: MediaWiki announce RSS plus OSV MediaWiki now replace NVD for lower-latency machine-readable collection.
- `moodle` `Moodle Security News` -&gt; replacements: `NVD Moodle` | reason: Security page is reachable with a browser-style UA, but the current markup only exposes generic &quot;Discuss this topic&quot; anchors to the collector; NVD Moodle remains the active replacement source until a richer parser is added.
- `moodle` `NVD Moodle` -&gt; replacements: `OSV Moodle` | reason: OSV Moodle replaces NVD for machine-readable collection while official Moodle sources remain for cross-checking.
- `nestjs` `GitHub Global Advisories` -&gt; replacements: `OSV NestJS` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV NestJS remains the active replacement source.
- `nestjs` `NVD NestJS` -&gt; replacements: `OSV NestJS` | reason: OSV NestJS replaces NVD public search for lower-latency machine-readable collection.
- `nextjs` `GitHub Global Advisories` -&gt; replacements: `GitHub Next.js Advisories, OSV Next.js` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; GitHub Next.js Advisories and OSV Next.js remain active replacements.
- `nuxt` `GitHub Global Advisories` -&gt; replacements: `Nuxt Security, OSV Nuxt` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Nuxt Security and OSV Nuxt remain active replacements.
- `opencart` `NVD OpenCart` -&gt; replacements: `OpenCart Releases, OSV OpenCart` | reason: OSV OpenCart replaces NVD for machine-readable collection while official release source remains active.
- `openmage` `NVD OpenMage` -&gt; replacements: `OpenMage GitHub Advisories, OSV OpenMage` | reason: OSV OpenMage replaces NVD for machine-readable composer-aligned collection.
- `phpmyadmin` `NVD phpMyAdmin` -&gt; replacements: `phpMyAdmin Security Page, OSV phpMyAdmin` | reason: OSV phpMyAdmin replaces NVD for machine-readable collection while the official security page remains active.
- `prestashop` `NVD PrestaShop` -&gt; replacements: `PrestaShop Security Page, GitHub PrestaShop Advisories, OSV PrestaShop` | reason: OSV PrestaShop replaces NVD for machine-readable collection while official and ecosystem advisories remain active.
- `rails` `GitHub Global Advisories` -&gt; replacements: `OSV Rails` | reason: Unauthenticated GitHub advisory API is quota-limited; OSV Rails remains the active machine-readable source.
- `rails` `NVD Ruby on Rails` -&gt; replacements: `OSV Rails` | reason: OSV Rails replaces NVD public search for lower-latency machine-readable collection.
- `react` `GitHub Global Advisories` -&gt; replacements: `GitHub React Advisories, OSV React` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; GitHub React Advisories and OSV React remain active replacements.
- `redmine` `NVD Redmine` -&gt; replacements: `Redmine Security Advisories` | reason: Official Redmine advisories page remains active and NVD public search is retired to reduce cold-start latency.
- `saleor` `NVD Saleor` -&gt; replacements: `GitHub Saleor Advisories, OSV Saleor` | reason: OSV Saleor replaces NVD for machine-readable collection and aligns with the published PyPI package.
- `shopware` `NVD Shopware` -&gt; replacements: `Shopware Security Advisories, OSV Shopware` | reason: OSV Shopware replaces NVD for machine-readable collection with lower cold-start overhead.
- `spring-boot` `GitHub Global Advisories` -&gt; replacements: `Spring Security Advisories, OSV Spring Boot` | reason: Unauthenticated GitHub advisory API is quota-limited; Spring official page and OSV remain the active replacements.
- `spring-framework` `GitHub Global Advisories` -&gt; replacements: `Spring Security Advisories, OSV Spring Framework` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Spring official page and OSV remain the active replacements.
- `spring-security` `GitHub Global Advisories` -&gt; replacements: `Spring Security Advisories, OSV Spring Security` | reason: Unauthenticated GitHub advisory API is quota-limited; Spring official page and OSV remain the active replacements.
- `sveltekit` `GitHub Global Advisories` -&gt; replacements: `OSV SvelteKit` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV SvelteKit remains the active replacement source.
- `symfony` `GitHub Global Advisories` -&gt; replacements: `OSV Symfony` | reason: Unauthenticated GitHub advisory API is quota-limited; OSV Symfony remains the active machine-readable source.
- `undici` `GitHub Global Advisories` -&gt; replacements: `OSV Undici` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Undici remains the active replacement source.
- `undici` `NVD Undici` -&gt; replacements: `OSV Undici` | reason: OSV Undici replaces NVD public search for lower-latency machine-readable collection.
- `vite` `GitHub Global Advisories` -&gt; replacements: `Vite Security, OSV Vite` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Vite Security and OSV Vite remain active replacements.
- `vue` `GitHub Global Advisories` -&gt; replacements: `Vue Security, OSV Vue` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Vue Security and OSV Vue remain active replacements.
- `webpack` `GitHub Global Advisories` -&gt; replacements: `OSV webpack` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV webpack remains the active replacement source.
- `webpack` `NVD webpack` -&gt; replacements: `OSV webpack` | reason: OSV webpack replaces NVD public search for lower-latency machine-readable collection.
- `werkzeug` `GitHub Global Advisories` -&gt; replacements: `OSV Werkzeug` | reason: Unauthenticated GitHub advisory API is quota-limited; OSV Werkzeug remains the active machine-readable source.
- `woocommerce` `NVD WooCommerce` -&gt; replacements: `Woo Developer Advisories, GitHub WooCommerce Advisories, OSV WooCommerce` | reason: OSV WooCommerce replaces NVD for machine-readable collection while official and ecosystem advisory pages remain active.
- `wordpress` `NVD WordPress` -&gt; replacements: `WordPress Security News RSS, Wordfence Vulnerability Database, WPScan Vulnerability Database` | reason: WordPress official RSS plus ecosystem plugin intelligence cover active collection with lower cold-start latency and lower public-search dependence than NVD.
</pre>
</div>
</main>


@@ -94,19 +94,24 @@ systems:
tier: history-full
advisory_modes: [core, plugin]
official_sources:
- name: WordPress Security News
kind: html-links
url: https://wordpress.org/news/category/security/
- name: WordPress Security News RSS
kind: rss-feed
url: https://wordpress.org/news/category/security/feed/
confidence: official
advisory_mode: core
keywords: [wordpress, security, release]
max_items: 40
request_policy:
user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
- name: NVD WordPress
kind: nvd-search
keyword: WordPress
confidence: official
advisory_mode: core
results_per_page: 50
status: retired
retired_reason: WordPress official RSS plus ecosystem plugin intelligence cover active collection with lower cold-start latency and lower public-search dependence than NVD.
replacement_sources: [WordPress Security News RSS, Wordfence Vulnerability Database, WPScan Vulnerability Database]
ecosystem_sources:
- name: Wordfence Vulnerability Database
kind: html-links
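Review bot: the `WordPress Security News` html-links source is deleted outright, while every other source this commit stops using keeps its entry with `status: retired`, a `retired_reason` and `replacement_sources`; deleting it leaves no record in the retired-source list of why the HTML source went away. Keep the entry and retire it the same way, e.g. `status: retired` / `replacement_sources: [WordPress Security News RSS]`. Separately, the new RSS source hard-codes a desktop Chrome `user_agent`; if the feed needs a UA override at all, an identifying one (collector name and contact) is easier for the feed operator to allowlist and to trace in their logs, and the reason for the override belongs in a comment next to it.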
@@ -166,6 +171,9 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 50
status: retired
retired_reason: OSV Drupal + Drupal official RSS now cover machine-readable collection with lower cold-start latency than NVD public search.
replacement_sources: [Drupal Security Advisories RSS, OSV Drupal]
ecosystem_sources:
- name: Drupal Security Advisories Site
kind: html-links
@@ -186,8 +194,13 @@ systems:
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; RSS and NVD remain active replacements.
replacement_sources: [Drupal Security Advisories RSS, NVD Drupal]
research_sources: []
ecosystem_sources:
- name: OSV Drupal
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
package_names:
- ecosystem: composer
- ecosystem: Packagist
name: drupal/core
cpe_keys: [&quot;drupal:drupal&quot;]
ghsa_keywords: [drupal, drupal core]
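Review bot: this hunk opens a second `ecosystem_sources:` key in the Drupal mapping. The preceding hunk (`@@ -166`) already shows `ecosystem_sources:` beginning with `Drupal Security Advisories Site`, and here, after `research_sources: []`, a new `ecosystem_sources:` is started for `OSV Drupal`. Duplicate mapping keys are not valid YAML and common loaders silently keep the last one, which would drop the `Drupal Security Advisories Site` and `GHSA Drupal Core` entries; the retired-source JSON in this same commit losing exactly those two Drupal records is consistent with that. Append the `OSV Drupal` item to the existing list instead. Also, the unchanged `replacement_sources: [Drupal Security Advisories RSS, NVD Drupal]` on the GHSA retirement now names `NVD Drupal`, which this commit retires a few lines above; point it at `OSV Drupal`.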
@@ -217,9 +230,18 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 50
ecosystem_sources: []
status: retired
retired_reason: OSV Joomla CMS replaces NVD for machine-readable collection without public NVD throttling.
replacement_sources: [Joomla Security Centre, OSV Joomla]
ecosystem_sources:
- name: OSV Joomla
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
research_sources: []
package_names: []
package_names:
- ecosystem: Packagist
name: joomla/joomla-cms
cpe_keys: [&quot;joomla:joomla!&quot;]
ghsa_keywords: [joomla]
kev_keywords: [joomla]
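Review bot: `cpe_keys: ["joomla:joomla!"]` (unchanged context at the end of this hunk) carries a trailing `!` that none of the other systems' keys have (`drupal:drupal`, `mediawiki:mediawiki`, `moodle:moodle`). Pre-existing, but with `NVD Joomla` retired and the remaining matching resting on package names and CPE keys, a malformed key silently matches nothing; fix it while this block is being touched.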
@@ -248,7 +270,14 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 40
ecosystem_sources: []
status: retired
retired_reason: OSV Ghost replaces NVD for machine-readable collection and keeps npm package alignment.
replacement_sources: [Ghost GitHub Advisories, OSV Ghost]
ecosystem_sources:
- name: OSV Ghost
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
research_sources: []
package_names:
- ecosystem: npm
@@ -355,9 +384,18 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 40
ecosystem_sources: []
status: retired
retired_reason: MediaWiki announce RSS plus OSV MediaWiki now replace NVD for lower-latency machine-readable collection.
replacement_sources: [MediaWiki Announce RSS, OSV MediaWiki]
ecosystem_sources:
- name: OSV MediaWiki
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
research_sources: []
package_names: []
package_names:
- ecosystem: Packagist
name: mediawiki/core
cpe_keys: [&quot;mediawiki:mediawiki&quot;]
ghsa_keywords: [mediawiki]
kev_keywords: [mediawiki]
@@ -394,9 +432,18 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 40
ecosystem_sources: []
status: retired
retired_reason: OSV Moodle replaces NVD for machine-readable collection while official Moodle sources remain for cross-checking.
replacement_sources: [OSV Moodle]
ecosystem_sources:
- name: OSV Moodle
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
research_sources: []
package_names: []
package_names:
- ecosystem: Packagist
name: moodle/moodle
cpe_keys: [&quot;moodle:moodle&quot;]
ghsa_keywords: [moodle]
kev_keywords: [moodle]
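Review bot: the `retired_reason` says official Moodle sources remain for cross-checking, but `replacement_sources: [OSV Moodle]` names none of them, unlike the other systems in this commit where the official page is listed alongside the OSV source. Either add the official Moodle source to `replacement_sources` or drop the cross-checking claim from the reason so the two fields agree.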
@@ -592,10 +639,17 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 40
ecosystem_sources: []
status: retired
retired_reason: OSV OpenMage replaces NVD for machine-readable composer-aligned collection.
replacement_sources: [OpenMage GitHub Advisories, OSV OpenMage]
ecosystem_sources:
- name: OSV OpenMage
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
research_sources: []
package_names:
- ecosystem: composer
- ecosystem: Packagist
name: openmage/magento-lts
cpe_keys: []
ghsa_keywords: [openmage, mage-os]
@@ -631,7 +685,14 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 40
status: retired
retired_reason: OSV WooCommerce replaces NVD for machine-readable collection while official and ecosystem advisory pages remain active.
replacement_sources: [Woo Developer Advisories, GitHub WooCommerce Advisories, OSV WooCommerce]
ecosystem_sources:
- name: OSV WooCommerce
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
- name: Patchstack Database
kind: html-links
url: https://patchstack.com/database/
@@ -650,7 +711,7 @@ systems:
package_names:
- ecosystem: npm
name: &quot;@woocommerce/blocks&quot;
- ecosystem: composer
- ecosystem: Packagist
name: woocommerce/woocommerce
cpe_keys: []
ghsa_keywords: [woocommerce]
@@ -687,7 +748,14 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 40
status: retired
retired_reason: OSV PrestaShop replaces NVD for machine-readable collection while official and ecosystem advisories remain active.
replacement_sources: [PrestaShop Security Page, GitHub PrestaShop Advisories, OSV PrestaShop]
ecosystem_sources:
- name: OSV PrestaShop
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
- name: Friends Of Presta Security
kind: html-links
url: https://security.friendsofpresta.org/
@@ -697,7 +765,7 @@ systems:
max_items: 50
research_sources: []
package_names:
- ecosystem: composer
- ecosystem: Packagist
name: prestashop/prestashop
cpe_keys: [&quot;prestashop:prestashop&quot;]
ghsa_keywords: [prestashop]
@@ -727,10 +795,17 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 40
ecosystem_sources: []
status: retired
retired_reason: OSV Shopware replaces NVD for machine-readable collection with lower cold-start overhead.
replacement_sources: [Shopware Security Advisories, OSV Shopware]
ecosystem_sources:
- name: OSV Shopware
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
research_sources: []
package_names:
- ecosystem: composer
- ecosystem: Packagist
name: shopware/platform
cpe_keys: []
ghsa_keywords: [shopware]
@@ -759,10 +834,17 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 50
ecosystem_sources: []
status: retired
retired_reason: OSV OpenCart replaces NVD for machine-readable collection while official release source remains active.
replacement_sources: [OpenCart Releases, OSV OpenCart]
ecosystem_sources:
- name: OSV OpenCart
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
research_sources: []
package_names:
- ecosystem: composer
- ecosystem: Packagist
name: opencart/opencart
cpe_keys: [&quot;opencart:opencart&quot;]
ghsa_keywords: [opencart]
@@ -791,10 +873,17 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 40
ecosystem_sources: []
status: retired
retired_reason: OSV Saleor replaces NVD for machine-readable collection and aligns with the published PyPI package.
replacement_sources: [GitHub Saleor Advisories, OSV Saleor]
ecosystem_sources:
- name: OSV Saleor
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
research_sources: []
package_names:
- ecosystem: pypi
- ecosystem: PyPI
name: saleor
cpe_keys: []
ghsa_keywords: [saleor]
@@ -1157,6 +1246,9 @@ systems:
confidence: ecosystem-authority
advisory_mode: core
results_per_page: 40
status: retired
retired_reason: OSV Express replaces NVD public search for lower-latency machine-readable collection.
replacement_sources: [OSV Express]
research_sources: []
package_names:
- ecosystem: npm
@@ -1195,6 +1287,9 @@ systems:
confidence: ecosystem-authority
advisory_mode: core
results_per_page: 40
status: retired
retired_reason: OSV NestJS replaces NVD public search for lower-latency machine-readable collection.
replacement_sources: [OSV NestJS]
research_sources: []
package_names:
- ecosystem: npm
@@ -1359,6 +1454,9 @@ systems:
confidence: ecosystem-authority
advisory_mode: core
results_per_page: 40
status: retired
retired_reason: OSV Undici replaces NVD public search for lower-latency machine-readable collection.
replacement_sources: [OSV Undici]
research_sources: []
package_names:
- ecosystem: npm
@@ -1397,6 +1495,9 @@ systems:
confidence: ecosystem-authority
advisory_mode: core
results_per_page: 40
status: retired
retired_reason: OSV webpack replaces NVD public search for lower-latency machine-readable collection.
replacement_sources: [OSV webpack]
research_sources: []
package_names:
- ecosystem: npm
@@ -1435,6 +1536,9 @@ systems:
confidence: ecosystem-authority
advisory_mode: core
results_per_page: 40
status: retired
retired_reason: OSV esbuild replaces NVD public search for lower-latency machine-readable collection.
replacement_sources: [OSV esbuild]
research_sources: []
package_names:
- ecosystem: npm
@@ -1775,6 +1879,9 @@ systems:
confidence: ecosystem-authority
advisory_mode: core
results_per_page: 40
status: retired
retired_reason: OSV Rails replaces NVD public search for lower-latency machine-readable collection.
replacement_sources: [OSV Rails]
research_sources: []
package_names:
- ecosystem: RubyGems
@@ -2083,7 +2190,14 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 40
ecosystem_sources: []
status: retired
retired_reason: OSV phpMyAdmin replaces NVD for machine-readable collection while the official security page remains active.
replacement_sources: [phpMyAdmin Security Page, OSV phpMyAdmin]
ecosystem_sources:
- name: OSV phpMyAdmin
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
research_sources: []
package_names:
- ecosystem: Packagist
@@ -2299,6 +2413,9 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 40
status: retired
retired_reason: Mattermost official JSON feed plus OSV Mattermost replace NVD for lower-latency machine-readable collection.
replacement_sources: [Mattermost Security Updates JSON, OSV Mattermost]
- name: Mattermost Security Updates JSON
kind: json-feed
url: https://securityupdates.mattermost.com/security_updates.json
@@ -2307,9 +2424,15 @@ systems:
max_items: 600
request_policy:
accept: application/json
ecosystem_sources: []
ecosystem_sources:
- name: OSV Mattermost
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
research_sources: []
package_names: []
package_names:
- ecosystem: Go
name: github.com/mattermost/mattermost-server
cpe_keys: [&quot;mattermost:mattermost&quot;]
ghsa_keywords: [mattermost]
kev_keywords: [mattermost]
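Review bot: `package_names` for `OSV Mattermost` is the single Go module path `github.com/mattermost/mattermost-server`. Go module paths are major-version specific (a `/vN` suffix is part of the path), so OSV records filed under a different module path for the same project are not returned by this one query. Before this becomes the replacement for the retired `NVD Mattermost`, confirm a querybatch for this path returns the recent Mattermost advisories and add any other path the project has published under.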
@@ -2337,7 +2460,14 @@ systems:
confidence: official
advisory_mode: core
results_per_page: 40
ecosystem_sources: []
status: retired
retired_reason: Official Redmine advisories page remains active and NVD public search is retired to reduce cold-start latency.
replacement_sources: [Redmine Security Advisories]
ecosystem_sources:
- name: OSV Redmine
kind: osv-batch
confidence: ecosystem-authority
advisory_mode: core
research_sources: []
package_names:
- ecosystem: RubyGems
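Review bot: `replacement_sources: [Redmine Security Advisories]` omits `OSV Redmine` even though this same hunk adds it; every other system in this commit lists its new OSV source as a replacement for the retired NVD search. Add it here as well, and confirm the `RubyGems` package query in the unchanged `package_names` context actually returns Redmine records, otherwise the OSV source is active but empty.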


@@ -88,15 +88,15 @@
<div class="meta">工作台内置镜像页89 条 advisory 最新完整度、family 矩阵与 ingest 健康度。</div>
<pre># 全库 Advisory 完整度报告
- 生成时间: `2026-03-18T21:23:23+00:00`
- 生成时间: `2026-03-19T02:23:04+00:00`
- 最新 advisory 完整度: `89/89` `verified-real`
- 合成验证数量: `0`
- 阻塞数量: `0`
- 人工/待补证据数量: `0`
- 完整度百分比: `100.0%`
- active source 全绿: `125/125`
- active source 全绿: `118/118`
- source open alerts: `0`
- 最近一次 source 全绿: `2026-03-18T21:09:25+00:00`
- 最近一次 source 全绿: `2026-03-19T02:22:24+00:00`
## 系统覆盖矩阵
@@ -117,10 +117,14 @@
## Ingest / Source 健康度
- source failures: `0`
- active sources: `125`
- green sources: `125`
- source failures: `4`
- active sources: `118`
- green sources: `118`
- open alerts: `0`
- django::OSV Django::tls::HTTPSConnectionPool(host=&#x27;api.osv.dev&#x27;, port=443): Max retries exceeded with url: /v1/querybatch (Caused by SSLError(SSLEOFError(8, &#x27;EOF occurred in violation of protocol (_ssl.c:1129)&#x27;)))
- flask::OSV Flask::tls::HTTPSConnectionPool(host=&#x27;api.osv.dev&#x27;, port=443): Max retries exceeded with url: /v1/querybatch (Caused by SSLError(SSLEOFError(8, &#x27;EOF occurred in violation of protocol (_ssl.c:1129)&#x27;)))
- spring-security::OSV Spring Security::tls::HTTPSConnectionPool(host=&#x27;api.osv.dev&#x27;, port=443): Max retries exceeded with url: /v1/querybatch (Caused by SSLError(SSLEOFError(8, &#x27;EOF occurred in violation of protocol (_ssl.c:1129)&#x27;)))
- symfony::OSV Symfony::tls::HTTPSConnectionPool(host=&#x27;api.osv.dev&#x27;, port=443): Max retries exceeded with url: /v1/querybatch (Caused by SSLError(SSLEOFError(8, &#x27;EOF occurred in violation of protocol (_ssl.c:1129)&#x27;)))
## 剩余风险说明
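Review bot: the health block contradicts itself: `source failures: 4`, yet `green sources: 118` equals `active sources: 118` and `open alerts: 0`, so a failed adapter is still counted green and raises no alert. All four failures are the same TLS `SSLEOFError` against `api.osv.dev/v1/querybatch`, and this commit makes OSV the sole machine-readable replacement for the retired NVD sources, so an OSV outage now means silently empty coverage for those systems. Count a failed adapter as non-green, open an alert on consecutive failures, and add retry with backoff around the querybatch call.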


@@ -5961,16 +5961,16 @@
"display_name": "Undici",
"system_id": "undici",
"category": "frameworks",
"severity": "medium",
"severity": "low",
"cvss_score": 3.1,
"exploit_status": "unknown",
"published_at": "2026-03-13T20:37:58Z",
"updated_at": "2026-03-13T20:54:25.417862Z",
"updated_at": "2026-03-18T23:58:57.714731Z",
"official_source_url": "https://github.com/nodejs/undici/security/advisories/GHSA-phc3-fgpg-7m6h",
"secondary_source_urls": [
"https://cna.openjsf.org/security-advisories.html",
"https://nvd.nist.gov/vuln/detail/CVE-2026-2581",
"https://hackerone.com/reports/3513473",
"https://cna.openjsf.org/security-advisories.html",
"https://github.com/nodejs/undici"
],
"aliases": [
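Review bot: the severity change from `high`/`medium` to `low` on an unchanged `cvss_score: 3.1` is the right correction (3.1 sits in the CVSS Low band, 0.1 to 3.9), but nothing in the record or the commit says the label was recomputed from the score; recording where severity comes from would let the next reviewer verify such changes. The reordering of `secondary_source_urls` (the cna.openjsf.org link moves below the hackerone link) repeats across all six Undici records and carries no information; if order is not meaningful, emit the list sorted so these diffs stay stable.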
@@ -6306,16 +6306,16 @@
"display_name": "Undici",
"system_id": "undici",
"category": "frameworks",
"severity": "high",
"severity": "low",
"cvss_score": 3.1,
"exploit_status": "unknown",
"published_at": "2026-03-13T20:41:41Z",
"updated_at": "2026-03-13T20:54:26.149214Z",
"updated_at": "2026-03-18T22:58:58.908047Z",
"official_source_url": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8",
"secondary_source_urls": [
"https://cna.openjsf.org/security-advisories.html",
"https://nvd.nist.gov/vuln/detail/CVE-2026-2229",
"https://hackerone.com/reports/3487486",
"https://cna.openjsf.org/security-advisories.html",
"https://datatracker.ietf.org/doc/html/rfc7692",
"https://github.com/nodejs/undici",
"https://nodejs.org/api/zlib.html#class-zlibinflateraw"
@@ -6991,16 +6991,16 @@
"display_name": "Undici",
"system_id": "undici",
"category": "frameworks",
"severity": "high",
"severity": "low",
"cvss_score": 3.1,
"exploit_status": "unknown",
"published_at": "2026-03-13T20:07:26Z",
"updated_at": "2026-03-14T09:17:45.838435Z",
"updated_at": "2026-03-18T22:58:59.863318Z",
"official_source_url": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj",
"secondary_source_urls": [
"https://cna.openjsf.org/security-advisories.html",
"https://nvd.nist.gov/vuln/detail/CVE-2026-1528",
"https://hackerone.com/reports/3537648",
"https://cna.openjsf.org/security-advisories.html",
"https://github.com/nodejs/undici"
],
"aliases": [
@@ -7336,16 +7336,16 @@
"display_name": "Undici",
"system_id": "undici",
"category": "frameworks",
"severity": "medium",
"severity": "low",
"cvss_score": 3.1,
"exploit_status": "unknown",
"published_at": "2026-03-13T20:41:26Z",
"updated_at": "2026-03-13T20:54:25.572106Z",
"updated_at": "2026-03-18T22:58:58.996775Z",
"official_source_url": "https://github.com/nodejs/undici/security/advisories/GHSA-4992-7rv2-5pvq",
"secondary_source_urls": [
"https://cna.openjsf.org/security-advisories.html",
"https://nvd.nist.gov/vuln/detail/CVE-2026-1527",
"https://hackerone.com/reports/3487198",
"https://cna.openjsf.org/security-advisories.html",
"https://github.com/nodejs/undici"
],
"aliases": [
@@ -7681,16 +7681,16 @@
"display_name": "Undici",
"system_id": "undici",
"category": "frameworks",
"severity": "high",
"severity": "low",
"cvss_score": 3.1,
"exploit_status": "unknown",
"published_at": "2026-03-13T20:41:56Z",
"updated_at": "2026-03-13T20:54:25.563997Z",
"updated_at": "2026-03-18T22:58:59.936049Z",
"official_source_url": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q",
"secondary_source_urls": [
"https://cna.openjsf.org/security-advisories.html",
"https://nvd.nist.gov/vuln/detail/CVE-2026-1526",
"https://hackerone.com/reports/3481206",
"https://cna.openjsf.org/security-advisories.html",
"https://datatracker.ietf.org/doc/html/rfc7692",
"https://github.com/nodejs/undici",
"https://owasp.org/www-community/attacks/Denial_of_Service"
@@ -8029,16 +8029,16 @@
"display_name": "Undici",
"system_id": "undici",
"category": "frameworks",
"severity": "medium",
"severity": "low",
"cvss_score": 3.1,
"exploit_status": "unknown",
"published_at": "2026-03-13T20:07:03Z",
"updated_at": "2026-03-14T09:19:54.772219Z",
"updated_at": "2026-03-18T22:58:59.626657Z",
"official_source_url": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm",
"secondary_source_urls": [
"https://cna.openjsf.org/security-advisories.html",
"https://nvd.nist.gov/vuln/detail/CVE-2026-1525",
"https://hackerone.com/reports/3556037",
"https://cna.openjsf.org/security-advisories.html",
"https://cwe.mitre.org/data/definitions/444.html",
"https://github.com/nodejs/undici",
"https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6"


@@ -1,5 +1,5 @@
{
"generated_at": "2026-03-18T21:23:23+00:00",
"generated_at": "2026-03-19T02:23:04+00:00",
"advisory_count": 2392,
"run_count": 140,
"statuses": {
@@ -154,11 +154,11 @@
}
],
"monitoring": {
"active_source_count": 125,
"green_source_count": 125,
"active_source_count": 118,
"green_source_count": 118,
"source_failure_count": 0,
"open_alert_count": 0,
"last_fully_green_run": "2026-03-18T21:09:25+00:00"
"last_fully_green_run": "2026-03-19T02:22:24+00:00"
},
"systems": [
{
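Review bot: `"source_failure_count": 0` is left unchanged in the `monitoring` block while the sync summary and the monitoring JSON in this same commit report four failed source adapters; either this counter measures something else, in which case name it so, or it is stale. The same applies to `last_fully_green_run` being advanced to `02:22:24` on a run that recorded four failures.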
@@ -667,7 +667,7 @@
"manual": 40,
"browser_required": 0,
"browser_present": 21,
"latest_update": "2026-03-17T16:31:34.160932Z",
"latest_update": "2026-03-18T22:02:16.858114Z",
"category": "frameworks",
"tier": "history-full",
"output_dir": "07-framework-security/frameworks/nextjs",
@@ -1265,7 +1265,7 @@
"manual": 9,
"browser_required": 0,
"browser_present": 0,
"latest_update": "2026-03-18T04:03:27+00:00",
"latest_update": "2026-03-18T23:58:57.714731Z",
"category": "frameworks",
"tier": "rolling-24m",
"output_dir": "07-framework-security/frameworks/undici",
@@ -1969,7 +1969,7 @@
"verified_ratio": 100.0,
"complete": true,
"source_failure_count": 0,
"active_source_count": 125,
"active_source_count": 118,
"open_alert_count": 0
}
}


@@ -505,7 +505,7 @@
"manual": 40,
"browser_required": 0,
"browser_present": 21,
"latest_update": "2026-03-17T16:31:34.160932Z",
"latest_update": "2026-03-18T22:02:16.858114Z",
"category": "frameworks",
"tier": "history-full",
"output_dir": "07-framework-security/frameworks/nextjs",
@@ -1103,7 +1103,7 @@
"manual": 9,
"browser_required": 0,
"browser_present": 0,
"latest_update": "2026-03-18T04:03:27+00:00",
"latest_update": "2026-03-18T23:58:57.714731Z",
"category": "frameworks",
"tier": "rolling-24m",
"output_dir": "07-framework-security/frameworks/undici",


@@ -1,11 +1,18 @@
# 最新同步摘要
- 渲染时间: `2026-03-18T21:23:23+00:00`
- 渲染时间: `2026-03-19T02:23:04+00:00`
- 系统数量: `62`
- Advisory 数量: `2348`
- 重点 Markdown 数量: `156`
- Run Bundle 数量: `89`
- 新增记录: `0`
- 更新记录: `0`
- 更新记录: `7`
- Triage 数量: `1169`
- 失败的 source adapter: `0`
- 失败的 source adapter: `4`
## 失败列表
- django::OSV Django::tls::HTTPSConnectionPool(host='api.osv.dev', port=443): Max retries exceeded with url: /v1/querybatch (Caused by SSLError(SSLEOFError(8, 'EOF occurred in violation of protocol (_ssl.c:1129)')))
- flask::OSV Flask::tls::HTTPSConnectionPool(host='api.osv.dev', port=443): Max retries exceeded with url: /v1/querybatch (Caused by SSLError(SSLEOFError(8, 'EOF occurred in violation of protocol (_ssl.c:1129)')))
- spring-security::OSV Spring Security::tls::HTTPSConnectionPool(host='api.osv.dev', port=443): Max retries exceeded with url: /v1/querybatch (Caused by SSLError(SSLEOFError(8, 'EOF occurred in violation of protocol (_ssl.c:1129)')))
- symfony::OSV Symfony::tls::HTTPSConnectionPool(host='api.osv.dev', port=443): Max retries exceeded with url: /v1/querybatch (Caused by SSLError(SSLEOFError(8, 'EOF occurred in violation of protocol (_ssl.c:1129)')))


@@ -1,21 +1,24 @@
{
"generated_at": "2026-03-18T21:09:25+00:00",
"active_source_count": 125,
"green_source_count": 125,
"generated_at": "2026-03-19T02:22:24+00:00",
"active_source_count": 118,
"green_source_count": 118,
"source_failure_count": 0,
"open_alert_count": 0,
"resolved_alert_count": 0,
"last_fully_green_run": "2026-03-18T21:09:25+00:00",
"last_fully_green_run": "2026-03-19T02:22:24+00:00",
"source_catalog": {
"system_count": 62,
"source_count": 161,
"retired_source_count": 36
"source_count": 173,
"retired_source_count": 55
},
"ingest": {
"new_count": 0,
"updated_count": 0,
"failure_count": 0,
"systems_touched": []
"updated_count": 7,
"failure_count": 4,
"systems_touched": [
"nextjs",
"undici"
]
},
"validation": {
"passed": true,
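Review bot: within this one object `source_failure_count` stays `0` while `ingest.failure_count` becomes `4`, and `last_fully_green_run` is advanced to the same instant as `generated_at`. If "fully green" is computed as `green_source_count == active_source_count`, then an adapter that fails is evidently still counted green; decide which counter is authoritative and make the green definition exclude adapters whose last run failed.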


@@ -105,26 +105,13 @@
{
"system_id": "drupal",
"display_name": "Drupal",
"source_name": "Drupal Security Advisories Site",
"bucket": "ecosystem_sources",
"kind": "html-links",
"retired_reason": "Drupal security index page became unstable for repeated HTML scraping; RSS + GHSA replacement is used for active monitoring.",
"source_name": "NVD Drupal",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV Drupal + Drupal official RSS now cover machine-readable collection with lower cold-start latency than NVD public search.",
"replacement_sources": [
"Drupal Security Advisories RSS",
"GHSA Drupal Core"
],
"url": "https://www.drupal.org/security"
},
{
"system_id": "drupal",
"display_name": "Drupal",
"source_name": "GHSA Drupal Core",
"bucket": "ecosystem_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; RSS and NVD remain active replacements.",
"replacement_sources": [
"Drupal Security Advisories RSS",
"NVD Drupal"
"OSV Drupal"
],
"url": ""
},
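Review bot: this hunk removes the `Drupal Security Advisories Site` and `GHSA Drupal Core` retirement records instead of adding `NVD Drupal` beside them, yet the YAML in this commit still carries the GHSA retirement (`retired_reason: Unauthenticated GHSA API requests are rate-limited...`). If this file is generated, the generator lost those two entries on input, most likely because the Drupal mapping now has two `ecosystem_sources:` keys; if the removal is intended, the commit message should say so, since it discards the recorded reasons those sources were retired.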
@@ -140,6 +127,18 @@
],
"url": ""
},
{
"system_id": "esbuild",
"display_name": "esbuild",
"source_name": "NVD esbuild",
"bucket": "ecosystem_sources",
"kind": "nvd-search",
"retired_reason": "OSV esbuild replaces NVD public search for lower-latency machine-readable collection.",
"replacement_sources": [
"OSV esbuild"
],
"url": ""
},
{
"system_id": "express",
"display_name": "Express",
@@ -152,6 +151,18 @@
],
"url": ""
},
{
"system_id": "express",
"display_name": "Express",
"source_name": "NVD Express.js",
"bucket": "ecosystem_sources",
"kind": "nvd-search",
"retired_reason": "OSV Express replaces NVD public search for lower-latency machine-readable collection.",
"replacement_sources": [
"OSV Express"
],
"url": ""
},
{
"system_id": "fastify",
"display_name": "Fastify",
@@ -176,6 +187,19 @@
],
"url": ""
},
{
"system_id": "ghost",
"display_name": "Ghost",
"source_name": "NVD Ghost",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV Ghost replaces NVD for machine-readable collection and keeps npm package alignment.",
"replacement_sources": [
"Ghost GitHub Advisories",
"OSV Ghost"
],
"url": ""
},
{
"system_id": "hapi",
"display_name": "Hapi",
@@ -200,6 +224,19 @@
],
"url": "https://www.haproxy.org/security/"
},
{
"system_id": "joomla",
"display_name": "Joomla",
"source_name": "NVD Joomla",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV Joomla CMS replaces NVD for machine-readable collection without public NVD throttling.",
"replacement_sources": [
"Joomla Security Centre",
"OSV Joomla"
],
"url": ""
},
{
"system_id": "koa",
"display_name": "Koa",
@@ -236,6 +273,19 @@
],
"url": "https://mattermost.com/security-updates/"
},
{
"system_id": "mattermost",
"display_name": "Mattermost",
"source_name": "NVD Mattermost",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "Mattermost official JSON feed plus OSV Mattermost replace NVD for lower-latency machine-readable collection.",
"replacement_sources": [
"Mattermost Security Updates JSON",
"OSV Mattermost"
],
"url": ""
},
{
"system_id": "mediawiki",
"display_name": "MediaWiki",
@@ -249,6 +299,19 @@
],
"url": "https://www.mediawiki.org/wiki/Security"
},
{
"system_id": "mediawiki",
"display_name": "MediaWiki",
"source_name": "NVD MediaWiki",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "MediaWiki announce RSS plus OSV MediaWiki now replace NVD for lower-latency machine-readable collection.",
"replacement_sources": [
"MediaWiki Announce RSS",
"OSV MediaWiki"
],
"url": ""
},
{
"system_id": "moodle",
"display_name": "Moodle",
@@ -261,6 +324,18 @@
],
"url": "https://moodle.org/security/"
},
{
"system_id": "moodle",
"display_name": "Moodle",
"source_name": "NVD Moodle",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV Moodle replaces NVD for machine-readable collection while official Moodle sources remain for cross-checking.",
"replacement_sources": [
"OSV Moodle"
],
"url": ""
},
{
"system_id": "nestjs",
"display_name": "NestJS",
@@ -273,6 +348,18 @@
],
"url": ""
},
{
"system_id": "nestjs",
"display_name": "NestJS",
"source_name": "NVD NestJS",
"bucket": "ecosystem_sources",
"kind": "nvd-search",
"retired_reason": "OSV NestJS replaces NVD public search for lower-latency machine-readable collection.",
"replacement_sources": [
"OSV NestJS"
],
"url": ""
},
{
"system_id": "nextjs",
"display_name": "Next.js",
@@ -299,6 +386,59 @@
],
"url": ""
},
{
"system_id": "opencart",
"display_name": "OpenCart",
"source_name": "NVD OpenCart",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV OpenCart replaces NVD for machine-readable collection while official release source remains active.",
"replacement_sources": [
"OpenCart Releases",
"OSV OpenCart"
],
"url": ""
},
{
"system_id": "openmage",
"display_name": "OpenMage / Mage-OS",
"source_name": "NVD OpenMage",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV OpenMage replaces NVD for machine-readable composer-aligned collection.",
"replacement_sources": [
"OpenMage GitHub Advisories",
"OSV OpenMage"
],
"url": ""
},
{
"system_id": "phpmyadmin",
"display_name": "phpMyAdmin",
"source_name": "NVD phpMyAdmin",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV phpMyAdmin replaces NVD for machine-readable collection while the official security page remains active.",
"replacement_sources": [
"phpMyAdmin Security Page",
"OSV phpMyAdmin"
],
"url": ""
},
{
"system_id": "prestashop",
"display_name": "PrestaShop",
"source_name": "NVD PrestaShop",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV PrestaShop replaces NVD for machine-readable collection while official and ecosystem advisories remain active.",
"replacement_sources": [
"PrestaShop Security Page",
"GitHub PrestaShop Advisories",
"OSV PrestaShop"
],
"url": ""
},
{
"system_id": "rails",
"display_name": "Ruby on Rails",
@@ -311,6 +451,18 @@
],
"url": ""
},
{
"system_id": "rails",
"display_name": "Ruby on Rails",
"source_name": "NVD Ruby on Rails",
"bucket": "ecosystem_sources",
"kind": "nvd-search",
"retired_reason": "OSV Rails replaces NVD public search for lower-latency machine-readable collection.",
"replacement_sources": [
"OSV Rails"
],
"url": ""
},
{
"system_id": "react",
"display_name": "React",
@@ -324,6 +476,44 @@
],
"url": ""
},
{
"system_id": "redmine",
"display_name": "Redmine",
"source_name": "NVD Redmine",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "Official Redmine advisories page remains active and NVD public search is retired to reduce cold-start latency.",
"replacement_sources": [
"Redmine Security Advisories"
],
"url": ""
},
{
"system_id": "saleor",
"display_name": "Saleor",
"source_name": "NVD Saleor",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV Saleor replaces NVD for machine-readable collection and aligns with the published PyPI package.",
"replacement_sources": [
"GitHub Saleor Advisories",
"OSV Saleor"
],
"url": ""
},
{
"system_id": "shopware",
"display_name": "Shopware",
"source_name": "NVD Shopware",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV Shopware replaces NVD for machine-readable collection with lower cold-start overhead.",
"replacement_sources": [
"Shopware Security Advisories",
"OSV Shopware"
],
"url": ""
},
{
"system_id": "spring-boot",
"display_name": "Spring Boot",
@@ -399,6 +589,18 @@
],
"url": ""
},
{
"system_id": "undici",
"display_name": "Undici",
"source_name": "NVD Undici",
"bucket": "ecosystem_sources",
"kind": "nvd-search",
"retired_reason": "OSV Undici replaces NVD public search for lower-latency machine-readable collection.",
"replacement_sources": [
"OSV Undici"
],
"url": ""
},
{
"system_id": "vite",
"display_name": "Vite",
@@ -437,6 +639,18 @@
],
"url": ""
},
{
"system_id": "webpack",
"display_name": "webpack",
"source_name": "NVD webpack",
"bucket": "ecosystem_sources",
"kind": "nvd-search",
"retired_reason": "OSV webpack replaces NVD public search for lower-latency machine-readable collection.",
"replacement_sources": [
"OSV webpack"
],
"url": ""
},
{
"system_id": "werkzeug",
"display_name": "Werkzeug",
@@ -448,5 +662,33 @@
"OSV Werkzeug"
],
"url": ""
},
{
"system_id": "woocommerce",
"display_name": "WooCommerce",
"source_name": "NVD WooCommerce",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV WooCommerce replaces NVD for machine-readable collection while official and ecosystem advisory pages remain active.",
"replacement_sources": [
"Woo Developer Advisories",
"GitHub WooCommerce Advisories",
"OSV WooCommerce"
],
"url": ""
},
{
"system_id": "wordpress",
"display_name": "WordPress",
"source_name": "NVD WordPress",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "WordPress official RSS plus ecosystem plugin intelligence cover active collection with lower cold-start latency and lower public-search dependence than NVD.",
"replacement_sources": [
"WordPress Security News RSS",
"Wordfence Vulnerability Database",
"WPScan Vulnerability Database"
],
"url": ""
}
]
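Review bot: `NVD WooCommerce` and `NVD WordPress` are retired here from `"bucket": "official_sources"`, while the `NVD Undici` and `NVD webpack` records in the hunks above carry `"bucket": "ecosystem_sources"` for the same `nvd-search` kind. NVD is an aggregator, not a vendor channel, so for the CMS and e-commerce systems it was being counted toward official coverage, and retiring it is what now lowers their `official_active` numbers in the catalog audit. Normalize the bucket on these retired records, or state the original bucketing in `retired_reason`, so the official-source metric only ever reflects vendor-published sources.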

View file

@@ -1,12 +1,72 @@
{
"generated_at": "2026-03-18T21:23:23+00:00",
"generated_at": "2026-03-19T02:23:04+00:00",
"system_count": 62,
"advisory_count": 2348,
"markdown_count": 156,
"new_count": 0,
"updated_count": 0,
"systems_touched": [],
"updated_count": 7,
"systems_touched": [
"nextjs",
"undici"
],
"triage_count": 1169,
"run_bundle_count": 89,
"failures": []
"failures": [
{
"system_id": "django",
"display_name": "Django",
"source_name": "OSV Django",
"source_kind": "osv-batch",
"source_bucket": "official_sources",
"category": "tls",
"exception": "SSLError",
"message": "HTTPSConnectionPool(host='api.osv.dev', port=443): Max retries exceeded with url: /v1/querybatch (Caused by SSLError(SSLEOFError(8, 'EOF occurred in violation of protocol (_ssl.c:1129)')))",
"status_code": null,
"url": "",
"summary": "django::OSV Django::tls::HTTPSConnectionPool(host='api.osv.dev', port=443): Max retries exceeded with url: /v1/querybatch (Caused by SSLError(SSLEOFError(8, 'EOF occurred in violation of protocol (_ssl.c:1129)')))",
"elapsed_seconds": 25.112
},
{
"system_id": "flask",
"display_name": "Flask",
"source_name": "OSV Flask",
"source_kind": "osv-batch",
"source_bucket": "official_sources",
"category": "tls",
"exception": "SSLError",
"message": "HTTPSConnectionPool(host='api.osv.dev', port=443): Max retries exceeded with url: /v1/querybatch (Caused by SSLError(SSLEOFError(8, 'EOF occurred in violation of protocol (_ssl.c:1129)')))",
"status_code": null,
"url": "",
"summary": "flask::OSV Flask::tls::HTTPSConnectionPool(host='api.osv.dev', port=443): Max retries exceeded with url: /v1/querybatch (Caused by SSLError(SSLEOFError(8, 'EOF occurred in violation of protocol (_ssl.c:1129)')))",
"elapsed_seconds": 25.129
},
{
"system_id": "spring-security",
"display_name": "Spring Security",
"source_name": "OSV Spring Security",
"source_kind": "osv-batch",
"source_bucket": "ecosystem_sources",
"category": "tls",
"exception": "SSLError",
"message": "HTTPSConnectionPool(host='api.osv.dev', port=443): Max retries exceeded with url: /v1/querybatch (Caused by SSLError(SSLEOFError(8, 'EOF occurred in violation of protocol (_ssl.c:1129)')))",
"status_code": null,
"url": "",
"summary": "spring-security::OSV Spring Security::tls::HTTPSConnectionPool(host='api.osv.dev', port=443): Max retries exceeded with url: /v1/querybatch (Caused by SSLError(SSLEOFError(8, 'EOF occurred in violation of protocol (_ssl.c:1129)')))",
"elapsed_seconds": 25.247
},
{
"system_id": "symfony",
"display_name": "Symfony",
"source_name": "OSV Symfony",
"source_kind": "osv-batch",
"source_bucket": "official_sources",
"category": "tls",
"exception": "SSLError",
"message": "HTTPSConnectionPool(host='api.osv.dev', port=443): Max retries exceeded with url: /v1/querybatch (Caused by SSLError(SSLEOFError(8, 'EOF occurred in violation of protocol (_ssl.c:1129)')))",
"status_code": null,
"url": "",
"summary": "symfony::OSV Symfony::tls::HTTPSConnectionPool(host='api.osv.dev', port=443): Max retries exceeded with url: /v1/querybatch (Caused by SSLError(SSLEOFError(8, 'EOF occurred in violation of protocol (_ssl.c:1129)')))",
"elapsed_seconds": 25.232
}
]
}
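Review bot: the four new `failures` entries are one and the same `SSLEOFError` against `api.osv.dev` `/v1/querybatch`, each recorded after roughly 25 s (`elapsed_seconds` 25.112 to 25.247), which points at a single transport problem during this run (the peer closed the connection, which is what `EOF occurred in violation of protocol` means) rather than four source-specific defects. Since the rest of this commit retires the NVD search for many systems and leaves OSV as their only machine-readable source, one such blip now means a run with no machine-readable advisories for the affected systems. Retry `osv-batch` requests with backoff before recording a failure, consider whether `tls` is the right category for an EOF (usually a dropped connection, not a handshake or certificate problem), and collapse identical failures (the `summary` field already repeats `message` verbatim) so a systemic outage shows up as one event.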

View file

@@ -1,10 +1,10 @@
{
"generated_at": "2026-03-18T21:16:34+00:00",
"generated_at": "2026-03-19T02:22:09+00:00",
"system_count": 62,
"source_count": 161,
"active_source_count": 125,
"retired_source_count": 36,
"systems_with_active_official": 62,
"source_count": 173,
"active_source_count": 118,
"retired_source_count": 55,
"systems_with_active_official": 61,
"systems_with_machine_readable_source": 62,
"systems": [
{
@@ -177,11 +177,11 @@
"display_name": "Drupal",
"category": "cms",
"tier": "history-full",
"source_total": 4,
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 2,
"official_active": 2,
"ecosystem_active": 0,
"retired_source_total": 1,
"official_active": 1,
"ecosystem_active": 1,
"research_active": 0,
"machine_readable_active": 2,
"has_active_official": true,
@@ -208,12 +208,12 @@
"category": "frameworks",
"tier": "rolling-24m",
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 1,
"active_source_total": 1,
"retired_source_total": 2,
"official_active": 1,
"ecosystem_active": 1,
"ecosystem_active": 0,
"research_active": 0,
"machine_readable_active": 2,
"machine_readable_active": 1,
"has_active_official": true,
"has_machine_readable_source": true
},
@@ -223,12 +223,12 @@
"category": "frameworks",
"tier": "rolling-24m",
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 1,
"active_source_total": 1,
"retired_source_total": 2,
"official_active": 1,
"ecosystem_active": 1,
"ecosystem_active": 0,
"research_active": 0,
"machine_readable_active": 2,
"machine_readable_active": 1,
"has_active_official": true,
"has_machine_readable_source": true
},
@@ -267,11 +267,11 @@
"display_name": "Ghost",
"category": "cms",
"tier": "history-full",
"source_total": 2,
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 0,
"official_active": 2,
"ecosystem_active": 0,
"retired_source_total": 1,
"official_active": 1,
"ecosystem_active": 1,
"research_active": 0,
"machine_readable_active": 1,
"has_active_official": true,
@@ -387,11 +387,11 @@
"display_name": "Joomla",
"category": "cms",
"tier": "history-full",
"source_total": 2,
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 0,
"official_active": 2,
"ecosystem_active": 0,
"retired_source_total": 1,
"official_active": 1,
"ecosystem_active": 1,
"research_active": 0,
"machine_readable_active": 1,
"has_active_official": true,
@@ -462,11 +462,11 @@
"display_name": "Mattermost",
"category": "platforms",
"tier": "rolling-24m",
"source_total": 3,
"source_total": 4,
"active_source_total": 2,
"retired_source_total": 1,
"official_active": 2,
"ecosystem_active": 0,
"retired_source_total": 2,
"official_active": 1,
"ecosystem_active": 1,
"research_active": 0,
"machine_readable_active": 2,
"has_active_official": true,
@@ -477,11 +477,11 @@
"display_name": "MediaWiki",
"category": "cms",
"tier": "rolling-24m",
"source_total": 3,
"source_total": 4,
"active_source_total": 2,
"retired_source_total": 1,
"official_active": 2,
"ecosystem_active": 0,
"retired_source_total": 2,
"official_active": 1,
"ecosystem_active": 1,
"research_active": 0,
"machine_readable_active": 2,
"has_active_official": true,
@@ -507,14 +507,14 @@
"display_name": "Moodle",
"category": "cms",
"tier": "rolling-24m",
"source_total": 2,
"source_total": 3,
"active_source_total": 1,
"retired_source_total": 1,
"official_active": 1,
"ecosystem_active": 0,
"retired_source_total": 2,
"official_active": 0,
"ecosystem_active": 1,
"research_active": 0,
"machine_readable_active": 1,
"has_active_official": true,
"has_active_official": false,
"has_machine_readable_source": true
},
{
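Review bot: `has_active_official` flips to `false` and `official_active` drops to 0 for Moodle, leaving it covered by a single ecosystem source, and the top-level summary in this file accordingly reports `systems_with_active_official: 61` without saying which system regressed. The `NVD Moodle` retired record later in this file makes it worse by stating that "official Moodle sources remain for cross-checking", although `Moodle Security News` is itself retired (its replacement was `NVD Moodle`) and `OSV Moodle` is the only replacement named. If at least one active official source is an invariant the catalog is meant to keep, this hunk should fail the audit rather than silently decrement the count; otherwise record the accepted exception on the Moodle entry and reword the `NVD Moodle` reason to say that no official source is currently active.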
@@ -523,12 +523,12 @@
"category": "frameworks",
"tier": "rolling-24m",
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 1,
"active_source_total": 1,
"retired_source_total": 2,
"official_active": 1,
"ecosystem_active": 1,
"ecosystem_active": 0,
"research_active": 0,
"machine_readable_active": 2,
"machine_readable_active": 1,
"has_active_official": true,
"has_machine_readable_source": true
},
@@ -597,11 +597,11 @@
"display_name": "OpenCart",
"category": "ecommerce",
"tier": "history-full",
"source_total": 2,
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 0,
"official_active": 2,
"ecosystem_active": 0,
"retired_source_total": 1,
"official_active": 1,
"ecosystem_active": 1,
"research_active": 0,
"machine_readable_active": 1,
"has_active_official": true,
@@ -612,11 +612,11 @@
"display_name": "OpenMage / Mage-OS",
"category": "ecommerce",
"tier": "rolling-24m",
"source_total": 2,
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 0,
"official_active": 2,
"ecosystem_active": 0,
"retired_source_total": 1,
"official_active": 1,
"ecosystem_active": 1,
"research_active": 0,
"machine_readable_active": 1,
"has_active_official": true,
@@ -627,11 +627,11 @@
"display_name": "phpMyAdmin",
"category": "platforms",
"tier": "rolling-24m",
"source_total": 2,
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 0,
"official_active": 2,
"ecosystem_active": 0,
"retired_source_total": 1,
"official_active": 1,
"ecosystem_active": 1,
"research_active": 0,
"machine_readable_active": 1,
"has_active_official": true,
@@ -642,11 +642,11 @@
"display_name": "PrestaShop",
"category": "ecommerce",
"tier": "history-full",
"source_total": 4,
"source_total": 5,
"active_source_total": 4,
"retired_source_total": 0,
"official_active": 3,
"ecosystem_active": 1,
"retired_source_total": 1,
"official_active": 2,
"ecosystem_active": 2,
"research_active": 0,
"machine_readable_active": 1,
"has_active_official": true,
@@ -658,12 +658,12 @@
"category": "frameworks",
"tier": "rolling-24m",
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 1,
"active_source_total": 1,
"retired_source_total": 2,
"official_active": 1,
"ecosystem_active": 1,
"ecosystem_active": 0,
"research_active": 0,
"machine_readable_active": 2,
"machine_readable_active": 1,
"has_active_official": true,
"has_machine_readable_source": true
},
@@ -687,11 +687,11 @@
"display_name": "Redmine",
"category": "platforms",
"tier": "rolling-24m",
"source_total": 2,
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 0,
"official_active": 2,
"ecosystem_active": 0,
"retired_source_total": 1,
"official_active": 1,
"ecosystem_active": 1,
"research_active": 0,
"machine_readable_active": 1,
"has_active_official": true,
@@ -702,11 +702,11 @@
"display_name": "Saleor",
"category": "ecommerce",
"tier": "rolling-24m",
"source_total": 2,
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 0,
"official_active": 2,
"ecosystem_active": 0,
"retired_source_total": 1,
"official_active": 1,
"ecosystem_active": 1,
"research_active": 0,
"machine_readable_active": 1,
"has_active_official": true,
@@ -717,11 +717,11 @@
"display_name": "Shopware",
"category": "ecommerce",
"tier": "history-full",
"source_total": 2,
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 0,
"official_active": 2,
"ecosystem_active": 0,
"retired_source_total": 1,
"official_active": 1,
"ecosystem_active": 1,
"research_active": 0,
"machine_readable_active": 1,
"has_active_official": true,
@@ -838,12 +838,12 @@
"category": "frameworks",
"tier": "rolling-24m",
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 1,
"active_source_total": 1,
"retired_source_total": 2,
"official_active": 1,
"ecosystem_active": 1,
"ecosystem_active": 0,
"research_active": 0,
"machine_readable_active": 2,
"machine_readable_active": 1,
"has_active_official": true,
"has_machine_readable_source": true
},
@@ -883,12 +883,12 @@
"category": "frameworks",
"tier": "rolling-24m",
"source_total": 3,
"active_source_total": 2,
"retired_source_total": 1,
"active_source_total": 1,
"retired_source_total": 2,
"official_active": 1,
"ecosystem_active": 1,
"ecosystem_active": 0,
"research_active": 0,
"machine_readable_active": 2,
"machine_readable_active": 1,
"has_active_official": true,
"has_machine_readable_source": true
},
@@ -912,11 +912,11 @@
"display_name": "WooCommerce",
"category": "ecommerce",
"tier": "history-full",
"source_total": 5,
"source_total": 6,
"active_source_total": 5,
"retired_source_total": 0,
"official_active": 3,
"ecosystem_active": 2,
"retired_source_total": 1,
"official_active": 2,
"ecosystem_active": 3,
"research_active": 0,
"machine_readable_active": 1,
"has_active_official": true,
@@ -928,9 +928,9 @@
"category": "cms",
"tier": "history-full",
"source_total": 6,
"active_source_total": 6,
"retired_source_total": 0,
"official_active": 2,
"active_source_total": 5,
"retired_source_total": 1,
"official_active": 1,
"ecosystem_active": 3,
"research_active": 1,
"machine_readable_active": 1,
@@ -1045,26 +1045,13 @@
{
"system_id": "drupal",
"display_name": "Drupal",
"source_name": "Drupal Security Advisories Site",
"bucket": "ecosystem_sources",
"kind": "html-links",
"retired_reason": "Drupal security index page became unstable for repeated HTML scraping; RSS + GHSA replacement is used for active monitoring.",
"source_name": "NVD Drupal",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV Drupal + Drupal official RSS now cover machine-readable collection with lower cold-start latency than NVD public search.",
"replacement_sources": [
"Drupal Security Advisories RSS",
"GHSA Drupal Core"
],
"url": "https://www.drupal.org/security"
},
{
"system_id": "drupal",
"display_name": "Drupal",
"source_name": "GHSA Drupal Core",
"bucket": "ecosystem_sources",
"kind": "ghsa-global",
"retired_reason": "Unauthenticated GHSA API requests are rate-limited in daily monitoring; RSS and NVD remain active replacements.",
"replacement_sources": [
"Drupal Security Advisories RSS",
"NVD Drupal"
"OSV Drupal"
],
"url": ""
},
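Review bot: this hunk replaces the two retired Drupal records (`Drupal Security Advisories Site`, `GHSA Drupal Core`) with a single `NVD Drupal` record instead of appending it, and the Drupal summary earlier in this file drops `source_total` 4→3 and `retired_source_total` 2→1, so those two sources and their recorded reasons (HTML scrape instability, unauthenticated GHSA rate limits) disappear from the catalog entirely. Retired records are what make the audit history reviewable; either keep them alongside the new `NVD Drupal` entry or state in the commit message that the sources were deliberately deleted. The `replacement_map` hunk for Drupal further down has the same shape and needs the same treatment.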
@@ -1080,6 +1067,18 @@
],
"url": ""
},
{
"system_id": "esbuild",
"display_name": "esbuild",
"source_name": "NVD esbuild",
"bucket": "ecosystem_sources",
"kind": "nvd-search",
"retired_reason": "OSV esbuild replaces NVD public search for lower-latency machine-readable collection.",
"replacement_sources": [
"OSV esbuild"
],
"url": ""
},
{
"system_id": "express",
"display_name": "Express",
@@ -1092,6 +1091,18 @@
],
"url": ""
},
{
"system_id": "express",
"display_name": "Express",
"source_name": "NVD Express.js",
"bucket": "ecosystem_sources",
"kind": "nvd-search",
"retired_reason": "OSV Express replaces NVD public search for lower-latency machine-readable collection.",
"replacement_sources": [
"OSV Express"
],
"url": ""
},
{
"system_id": "fastify",
"display_name": "Fastify",
@@ -1116,6 +1127,19 @@
],
"url": ""
},
{
"system_id": "ghost",
"display_name": "Ghost",
"source_name": "NVD Ghost",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV Ghost replaces NVD for machine-readable collection and keeps npm package alignment.",
"replacement_sources": [
"Ghost GitHub Advisories",
"OSV Ghost"
],
"url": ""
},
{
"system_id": "hapi",
"display_name": "Hapi",
@@ -1140,6 +1164,19 @@
],
"url": "https://www.haproxy.org/security/"
},
{
"system_id": "joomla",
"display_name": "Joomla",
"source_name": "NVD Joomla",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV Joomla CMS replaces NVD for machine-readable collection without public NVD throttling.",
"replacement_sources": [
"Joomla Security Centre",
"OSV Joomla"
],
"url": ""
},
{
"system_id": "koa",
"display_name": "Koa",
@@ -1176,6 +1213,19 @@
],
"url": "https://mattermost.com/security-updates/"
},
{
"system_id": "mattermost",
"display_name": "Mattermost",
"source_name": "NVD Mattermost",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "Mattermost official JSON feed plus OSV Mattermost replace NVD for lower-latency machine-readable collection.",
"replacement_sources": [
"Mattermost Security Updates JSON",
"OSV Mattermost"
],
"url": ""
},
{
"system_id": "mediawiki",
"display_name": "MediaWiki",
@@ -1189,6 +1239,19 @@
],
"url": "https://www.mediawiki.org/wiki/Security"
},
{
"system_id": "mediawiki",
"display_name": "MediaWiki",
"source_name": "NVD MediaWiki",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "MediaWiki announce RSS plus OSV MediaWiki now replace NVD for lower-latency machine-readable collection.",
"replacement_sources": [
"MediaWiki Announce RSS",
"OSV MediaWiki"
],
"url": ""
},
{
"system_id": "moodle",
"display_name": "Moodle",
@@ -1201,6 +1264,18 @@
],
"url": "https://moodle.org/security/"
},
{
"system_id": "moodle",
"display_name": "Moodle",
"source_name": "NVD Moodle",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV Moodle replaces NVD for machine-readable collection while official Moodle sources remain for cross-checking.",
"replacement_sources": [
"OSV Moodle"
],
"url": ""
},
{
"system_id": "nestjs",
"display_name": "NestJS",
@@ -1213,6 +1288,18 @@
],
"url": ""
},
{
"system_id": "nestjs",
"display_name": "NestJS",
"source_name": "NVD NestJS",
"bucket": "ecosystem_sources",
"kind": "nvd-search",
"retired_reason": "OSV NestJS replaces NVD public search for lower-latency machine-readable collection.",
"replacement_sources": [
"OSV NestJS"
],
"url": ""
},
{
"system_id": "nextjs",
"display_name": "Next.js",
@@ -1239,6 +1326,59 @@
],
"url": ""
},
{
"system_id": "opencart",
"display_name": "OpenCart",
"source_name": "NVD OpenCart",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV OpenCart replaces NVD for machine-readable collection while official release source remains active.",
"replacement_sources": [
"OpenCart Releases",
"OSV OpenCart"
],
"url": ""
},
{
"system_id": "openmage",
"display_name": "OpenMage / Mage-OS",
"source_name": "NVD OpenMage",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV OpenMage replaces NVD for machine-readable composer-aligned collection.",
"replacement_sources": [
"OpenMage GitHub Advisories",
"OSV OpenMage"
],
"url": ""
},
{
"system_id": "phpmyadmin",
"display_name": "phpMyAdmin",
"source_name": "NVD phpMyAdmin",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV phpMyAdmin replaces NVD for machine-readable collection while the official security page remains active.",
"replacement_sources": [
"phpMyAdmin Security Page",
"OSV phpMyAdmin"
],
"url": ""
},
{
"system_id": "prestashop",
"display_name": "PrestaShop",
"source_name": "NVD PrestaShop",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV PrestaShop replaces NVD for machine-readable collection while official and ecosystem advisories remain active.",
"replacement_sources": [
"PrestaShop Security Page",
"GitHub PrestaShop Advisories",
"OSV PrestaShop"
],
"url": ""
},
{
"system_id": "rails",
"display_name": "Ruby on Rails",
@@ -1251,6 +1391,18 @@
],
"url": ""
},
{
"system_id": "rails",
"display_name": "Ruby on Rails",
"source_name": "NVD Ruby on Rails",
"bucket": "ecosystem_sources",
"kind": "nvd-search",
"retired_reason": "OSV Rails replaces NVD public search for lower-latency machine-readable collection.",
"replacement_sources": [
"OSV Rails"
],
"url": ""
},
{
"system_id": "react",
"display_name": "React",
@@ -1264,6 +1416,44 @@
],
"url": ""
},
{
"system_id": "redmine",
"display_name": "Redmine",
"source_name": "NVD Redmine",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "Official Redmine advisories page remains active and NVD public search is retired to reduce cold-start latency.",
"replacement_sources": [
"Redmine Security Advisories"
],
"url": ""
},
{
"system_id": "saleor",
"display_name": "Saleor",
"source_name": "NVD Saleor",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV Saleor replaces NVD for machine-readable collection and aligns with the published PyPI package.",
"replacement_sources": [
"GitHub Saleor Advisories",
"OSV Saleor"
],
"url": ""
},
{
"system_id": "shopware",
"display_name": "Shopware",
"source_name": "NVD Shopware",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV Shopware replaces NVD for machine-readable collection with lower cold-start overhead.",
"replacement_sources": [
"Shopware Security Advisories",
"OSV Shopware"
],
"url": ""
},
{
"system_id": "spring-boot",
"display_name": "Spring Boot",
@@ -1339,6 +1529,18 @@
],
"url": ""
},
{
"system_id": "undici",
"display_name": "Undici",
"source_name": "NVD Undici",
"bucket": "ecosystem_sources",
"kind": "nvd-search",
"retired_reason": "OSV Undici replaces NVD public search for lower-latency machine-readable collection.",
"replacement_sources": [
"OSV Undici"
],
"url": ""
},
{
"system_id": "vite",
"display_name": "Vite",
@@ -1377,6 +1579,18 @@
],
"url": ""
},
{
"system_id": "webpack",
"display_name": "webpack",
"source_name": "NVD webpack",
"bucket": "ecosystem_sources",
"kind": "nvd-search",
"retired_reason": "OSV webpack replaces NVD public search for lower-latency machine-readable collection.",
"replacement_sources": [
"OSV webpack"
],
"url": ""
},
{
"system_id": "werkzeug",
"display_name": "Werkzeug",
@@ -1388,6 +1602,34 @@
"OSV Werkzeug"
],
"url": ""
},
{
"system_id": "woocommerce",
"display_name": "WooCommerce",
"source_name": "NVD WooCommerce",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "OSV WooCommerce replaces NVD for machine-readable collection while official and ecosystem advisory pages remain active.",
"replacement_sources": [
"Woo Developer Advisories",
"GitHub WooCommerce Advisories",
"OSV WooCommerce"
],
"url": ""
},
{
"system_id": "wordpress",
"display_name": "WordPress",
"source_name": "NVD WordPress",
"bucket": "official_sources",
"kind": "nvd-search",
"retired_reason": "WordPress official RSS plus ecosystem plugin intelligence cover active collection with lower cold-start latency and lower public-search dependence than NVD.",
"replacement_sources": [
"WordPress Security News RSS",
"Wordfence Vulnerability Database",
"WPScan Vulnerability Database"
],
"url": ""
}
],
"replacement_map": [
@@ -1456,18 +1698,10 @@
},
{
"system_id": "drupal",
"retired_source": "Drupal Security Advisories Site",
"retired_source": "NVD Drupal",
"replacement_sources": [
"Drupal Security Advisories RSS",
"GHSA Drupal Core"
]
},
{
"system_id": "drupal",
"retired_source": "GHSA Drupal Core",
"replacement_sources": [
"Drupal Security Advisories RSS",
"NVD Drupal"
"OSV Drupal"
]
},
{
@@ -1477,6 +1711,13 @@
"OSV esbuild"
]
},
{
"system_id": "esbuild",
"retired_source": "NVD esbuild",
"replacement_sources": [
"OSV esbuild"
]
},
{
"system_id": "express",
"retired_source": "GitHub Global Advisories",
@@ -1484,6 +1725,13 @@
"OSV Express"
]
},
{
"system_id": "express",
"retired_source": "NVD Express.js",
"replacement_sources": [
"OSV Express"
]
},
{
"system_id": "fastify",
"retired_source": "GitHub Global Advisories",
@@ -1498,6 +1746,14 @@
"OSV Flask"
]
},
{
"system_id": "ghost",
"retired_source": "NVD Ghost",
"replacement_sources": [
"Ghost GitHub Advisories",
"OSV Ghost"
]
},
{
"system_id": "hapi",
"retired_source": "GitHub Global Advisories",
@@ -1512,6 +1768,14 @@
"HAProxy Blog Feed"
]
},
{
"system_id": "joomla",
"retired_source": "NVD Joomla",
"replacement_sources": [
"Joomla Security Centre",
"OSV Joomla"
]
},
{
"system_id": "koa",
"retired_source": "GitHub Global Advisories",
@@ -1533,6 +1797,14 @@
"NVD Mattermost"
]
},
{
"system_id": "mattermost",
"retired_source": "NVD Mattermost",
"replacement_sources": [
"Mattermost Security Updates JSON",
"OSV Mattermost"
]
},
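Review bot: `replacement_map` now contains two-hop chains: the existing `Mattermost Security Updates` entry (context just above) still points at `NVD Mattermost`, which this hunk retires in turn, and the next hunks repeat the pattern for MediaWiki (`MediaWiki Security Releases` -> `NVD MediaWiki`) and Moodle (`Moodle Security News` -> `NVD Moodle`). A consumer that resolves one hop lands on a retired source. Either rewrite the earlier entries to the live replacements (`Mattermost Security Updates JSON`, `OSV Mattermost`) or have the audit resolve replacements transitively and flag any replacement that is itself retired.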
{
"system_id": "mediawiki",
"retired_source": "MediaWiki Security Releases",
@@ -1541,6 +1813,14 @@
"NVD MediaWiki"
]
},
{
"system_id": "mediawiki",
"retired_source": "NVD MediaWiki",
"replacement_sources": [
"MediaWiki Announce RSS",
"OSV MediaWiki"
]
},
{
"system_id": "moodle",
"retired_source": "Moodle Security News",
@@ -1548,6 +1828,13 @@
"NVD Moodle"
]
},
{
"system_id": "moodle",
"retired_source": "NVD Moodle",
"replacement_sources": [
"OSV Moodle"
]
},
{
"system_id": "nestjs",
"retired_source": "GitHub Global Advisories",
@@ -1555,6 +1842,13 @@
"OSV NestJS"
]
},
{
"system_id": "nestjs",
"retired_source": "NVD NestJS",
"replacement_sources": [
"OSV NestJS"
]
},
{
"system_id": "nextjs",
"retired_source": "GitHub Global Advisories",
@@ -1571,6 +1865,39 @@
"OSV Nuxt"
]
},
{
"system_id": "opencart",
"retired_source": "NVD OpenCart",
"replacement_sources": [
"OpenCart Releases",
"OSV OpenCart"
]
},
{
"system_id": "openmage",
"retired_source": "NVD OpenMage",
"replacement_sources": [
"OpenMage GitHub Advisories",
"OSV OpenMage"
]
},
{
"system_id": "phpmyadmin",
"retired_source": "NVD phpMyAdmin",
"replacement_sources": [
"phpMyAdmin Security Page",
"OSV phpMyAdmin"
]
},
{
"system_id": "prestashop",
"retired_source": "NVD PrestaShop",
"replacement_sources": [
"PrestaShop Security Page",
"GitHub PrestaShop Advisories",
"OSV PrestaShop"
]
},
{
"system_id": "rails",
"retired_source": "GitHub Global Advisories",
@@ -1578,6 +1905,13 @@
"OSV Rails"
]
},
{
"system_id": "rails",
"retired_source": "NVD Ruby on Rails",
"replacement_sources": [
"OSV Rails"
]
},
{
"system_id": "react",
"retired_source": "GitHub Global Advisories",
@@ -1586,6 +1920,29 @@
"OSV React"
]
},
{
"system_id": "redmine",
"retired_source": "NVD Redmine",
"replacement_sources": [
"Redmine Security Advisories"
]
},
{
"system_id": "saleor",
"retired_source": "NVD Saleor",
"replacement_sources": [
"GitHub Saleor Advisories",
"OSV Saleor"
]
},
{
"system_id": "shopware",
"retired_source": "NVD Shopware",
"replacement_sources": [
"Shopware Security Advisories",
"OSV Shopware"
]
},
{
"system_id": "spring-boot",
"retired_source": "GitHub Global Advisories",
@@ -1631,6 +1988,13 @@
"OSV Undici"
]
},
{
"system_id": "undici",
"retired_source": "NVD Undici",
"replacement_sources": [
"OSV Undici"
]
},
{
"system_id": "vite",
"retired_source": "GitHub Global Advisories",
@@ -1654,12 +2018,37 @@
"OSV webpack"
]
},
{
"system_id": "webpack",
"retired_source": "NVD webpack",
"replacement_sources": [
"OSV webpack"
]
},
{
"system_id": "werkzeug",
"retired_source": "GitHub Global Advisories",
"replacement_sources": [
"OSV Werkzeug"
]
},
{
"system_id": "woocommerce",
"retired_source": "NVD WooCommerce",
"replacement_sources": [
"Woo Developer Advisories",
"GitHub WooCommerce Advisories",
"OSV WooCommerce"
]
},
{
"system_id": "wordpress",
"retired_source": "NVD WordPress",
"replacement_sources": [
"WordPress Security News RSS",
"Wordfence Vulnerability Database",
"WPScan Vulnerability Database"
]
}
]
}

View file

@@ -1,11 +1,11 @@
# Source Catalog Audit
- generated_at: `2026-03-18T21:16:34+00:00`
- generated_at: `2026-03-19T02:22:09+00:00`
- systems: `62`
- sources: `161`
- active_sources: `125`
- retired_sources: `36`
- systems_with_active_official: `62/62`
- sources: `173`
- active_sources: `118`
- retired_sources: `55`
- systems_with_active_official: `61/62`
- systems_with_machine_readable_source: `62/62`
## Retired Sources
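Review bot: the headline `systems_with_active_official` line goes from `62/62` to `61/62` with no indication of which system lost official coverage; a reader has to find the Moodle lines in the retired-sources list below to learn it. Emit a short `systems_without_active_official` list under this summary so such regressions are visible at the top of the audit.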
@@ -18,31 +18,50 @@
- `discourse` `Discourse Meta Security` -> replacements: `Discourse Release Notes RSS, GitHub Discourse Advisories` | reason: Meta security category HTML changed and no longer provides stable scrape semantics for health checks.
- `discourse` `GitHub Discourse Advisories` -> replacements: `Discourse Release Notes RSS, Discourse Security RSS` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Discourse release feed remains the active official source.
- `django` `Django Security RSS` -> replacements: `Django Security Weblog, Django Security Releases Archive` | reason: Official security tag feed became unstable; use official weblog index and release archive instead.
- `drupal` `Drupal Security Advisories Site` -> replacements: `Drupal Security Advisories RSS, GHSA Drupal Core` | reason: Drupal security index page became unstable for repeated HTML scraping; RSS + GHSA replacement is used for active monitoring.
- `drupal` `GHSA Drupal Core` -> replacements: `Drupal Security Advisories RSS, NVD Drupal` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; RSS and NVD remain active replacements.
- `drupal` `NVD Drupal` -> replacements: `Drupal Security Advisories RSS, OSV Drupal` | reason: OSV Drupal + Drupal official RSS now cover machine-readable collection with lower cold-start latency than NVD public search.
- `esbuild` `GitHub Global Advisories` -> replacements: `OSV esbuild` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV esbuild remains the active replacement source.
- `esbuild` `NVD esbuild` -> replacements: `OSV esbuild` | reason: OSV esbuild replaces NVD public search for lower-latency machine-readable collection.
- `express` `GitHub Global Advisories` -> replacements: `OSV Express` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Express remains the active replacement source.
- `express` `NVD Express.js` -> replacements: `OSV Express` | reason: OSV Express replaces NVD public search for lower-latency machine-readable collection.
- `fastify` `GitHub Global Advisories` -> replacements: `OSV Fastify` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Fastify remains the active replacement source.
- `flask` `GitHub Global Advisories` -> replacements: `OSV Flask` | reason: Unauthenticated GitHub advisory API is quota-limited; OSV Flask remains the active machine-readable source.
- `ghost` `NVD Ghost` -> replacements: `Ghost GitHub Advisories, OSV Ghost` | reason: OSV Ghost replaces NVD for machine-readable collection and keeps npm package alignment.
- `hapi` `GitHub Global Advisories` -> replacements: `OSV Hapi` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Hapi remains the active replacement source.
- `haproxy` `HAProxy Security Advisories` -> replacements: `HAProxy Blog Feed` | reason: Legacy haproxy.org security page no longer yields stable scrape results for monitoring.
- `joomla` `NVD Joomla` -> replacements: `Joomla Security Centre, OSV Joomla` | reason: OSV Joomla CMS replaces NVD for machine-readable collection without public NVD throttling.
- `koa` `GitHub Global Advisories` -> replacements: `OSV Koa` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Koa remains the active replacement source.
- `laravel` `GitHub Global Advisories` -> replacements: `OSV Laravel` | reason: Unauthenticated GitHub advisory API is quota-limited; OSV Laravel remains the active machine-readable source.
- `mattermost` `Mattermost Security Updates` -> replacements: `NVD Mattermost` | reason: Mattermost security updates page returned repeated 403 responses from the collector path; NVD replacement remains active.
- `mattermost` `NVD Mattermost` -> replacements: `Mattermost Security Updates JSON, OSV Mattermost` | reason: Mattermost official JSON feed plus OSV Mattermost replace NVD for lower-latency machine-readable collection.
- `mediawiki` `MediaWiki Security Releases` -> replacements: `MediaWiki Announce RSS, NVD MediaWiki` | reason: MediaWiki security page is no longer reachable reliably from the collector path; NVD replacement remains active.
- `mediawiki` `NVD MediaWiki` -> replacements: `MediaWiki Announce RSS, OSV MediaWiki` | reason: MediaWiki announce RSS plus OSV MediaWiki now replace NVD for lower-latency machine-readable collection.
- `moodle` `Moodle Security News` -> replacements: `NVD Moodle` | reason: Security page is reachable with a browser-style UA, but the current markup only exposes generic "Discuss this topic" anchors to the collector; NVD Moodle remains the active replacement source until a richer parser is added.
- `moodle` `NVD Moodle` -> replacements: `OSV Moodle` | reason: OSV Moodle replaces NVD for machine-readable collection while official Moodle sources remain for cross-checking.
- `nestjs` `GitHub Global Advisories` -> replacements: `OSV NestJS` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV NestJS remains the active replacement source.
- `nestjs` `NVD NestJS` -> replacements: `OSV NestJS` | reason: OSV NestJS replaces NVD public search for lower-latency machine-readable collection.
- `nextjs` `GitHub Global Advisories` -> replacements: `GitHub Next.js Advisories, OSV Next.js` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; GitHub Next.js Advisories and OSV Next.js remain active replacements.
- `nuxt` `GitHub Global Advisories` -> replacements: `Nuxt Security, OSV Nuxt` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Nuxt Security and OSV Nuxt remain active replacements.
- `opencart` `NVD OpenCart` -> replacements: `OpenCart Releases, OSV OpenCart` | reason: OSV OpenCart replaces NVD for machine-readable collection while official release source remains active.
- `openmage` `NVD OpenMage` -> replacements: `OpenMage GitHub Advisories, OSV OpenMage` | reason: OSV OpenMage replaces NVD for machine-readable composer-aligned collection.
- `phpmyadmin` `NVD phpMyAdmin` -> replacements: `phpMyAdmin Security Page, OSV phpMyAdmin` | reason: OSV phpMyAdmin replaces NVD for machine-readable collection while the official security page remains active.
- `prestashop` `NVD PrestaShop` -> replacements: `PrestaShop Security Page, GitHub PrestaShop Advisories, OSV PrestaShop` | reason: OSV PrestaShop replaces NVD for machine-readable collection while official and ecosystem advisories remain active.
- `rails` `GitHub Global Advisories` -> replacements: `OSV Rails` | reason: Unauthenticated GitHub advisory API is quota-limited; OSV Rails remains the active machine-readable source.
- `rails` `NVD Ruby on Rails` -> replacements: `OSV Rails` | reason: OSV Rails replaces NVD public search for lower-latency machine-readable collection.
- `react` `GitHub Global Advisories` -> replacements: `GitHub React Advisories, OSV React` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; GitHub React Advisories and OSV React remain active replacements.
- `redmine` `NVD Redmine` -> replacements: `Redmine Security Advisories` | reason: Official Redmine advisories page remains active and NVD public search is retired to reduce cold-start latency.
- `saleor` `NVD Saleor` -> replacements: `GitHub Saleor Advisories, OSV Saleor` | reason: OSV Saleor replaces NVD for machine-readable collection and aligns with the published PyPI package.
- `shopware` `NVD Shopware` -> replacements: `Shopware Security Advisories, OSV Shopware` | reason: OSV Shopware replaces NVD for machine-readable collection with lower cold-start overhead.
- `spring-boot` `GitHub Global Advisories` -> replacements: `Spring Security Advisories, OSV Spring Boot` | reason: Unauthenticated GitHub advisory API is quota-limited; Spring official page and OSV remain the active replacements.
- `spring-framework` `GitHub Global Advisories` -> replacements: `Spring Security Advisories, OSV Spring Framework` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Spring official page and OSV remain the active replacements.
- `spring-security` `GitHub Global Advisories` -> replacements: `Spring Security Advisories, OSV Spring Security` | reason: Unauthenticated GitHub advisory API is quota-limited; Spring official page and OSV remain the active replacements.
- `sveltekit` `GitHub Global Advisories` -> replacements: `OSV SvelteKit` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV SvelteKit remains the active replacement source.
- `symfony` `GitHub Global Advisories` -> replacements: `OSV Symfony` | reason: Unauthenticated GitHub advisory API is quota-limited; OSV Symfony remains the active machine-readable source.
- `undici` `GitHub Global Advisories` -> replacements: `OSV Undici` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Undici remains the active replacement source.
- `undici` `NVD Undici` -> replacements: `OSV Undici` | reason: OSV Undici replaces NVD public search for lower-latency machine-readable collection.
- `vite` `GitHub Global Advisories` -> replacements: `Vite Security, OSV Vite` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Vite Security and OSV Vite remain active replacements.
- `vue` `GitHub Global Advisories` -> replacements: `Vue Security, OSV Vue` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Vue Security and OSV Vue remain active replacements.
- `webpack` `GitHub Global Advisories` -> replacements: `OSV webpack` | reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV webpack remains the active replacement source.
- `webpack` `NVD webpack` -> replacements: `OSV webpack` | reason: OSV webpack replaces NVD public search for lower-latency machine-readable collection.
- `werkzeug` `GitHub Global Advisories` -> replacements: `OSV Werkzeug` | reason: Unauthenticated GitHub advisory API is quota-limited; OSV Werkzeug remains the active machine-readable source.
- `woocommerce` `NVD WooCommerce` -> replacements: `Woo Developer Advisories, GitHub WooCommerce Advisories, OSV WooCommerce` | reason: OSV WooCommerce replaces NVD for machine-readable collection while official and ecosystem advisory pages remain active.
- `wordpress` `NVD WordPress` -> replacements: `WordPress Security News RSS, Wordfence Vulnerability Database, WPScan Vulnerability Database` | reason: WordPress official RSS plus ecosystem plugin intelligence cover active collection with lower cold-start latency and lower public-search dependence than NVD.
