kb: expand authorized lab coverage and intel automation

2026-03-16 22:04:51 -07:00
--- a/07-framework-security/frameworks/vite/INDEX.md
+++ b/07-framework-security/frameworks/vite/INDEX.md
@@ -0,0 +1,42 @@
+# Vite
+
+> `LAB ONLY` | `AUTHORIZED TARGETS ONLY` | 自动生成索引
+
+- 系统 ID: `vite`
+- 分类: `frameworks`
+- 覆盖策略: `history-full`
+- 总案例数: `12`
+- 近 30 天新增/更新: `0`
+- 重点 Markdown 案例数: `12`
+- 最近渲染时间: `2026-03-17T04:37:52+00:00`
+
+## 目标约束
+
+- 适用目标类型: `lab-local, lab-public, authorized-third-party`
+- 是否允许公网验证: `yes, but ownership or authorization is required`
+- 授权前提: 资产归属可证明，或已取得书面/明确授权。
+- 最小化验证方式: 最小化验证、只读探测、可审计回显、受控注入。
+- 禁止场景: 无归属证明或无明确授权的公网目标；知名公共网站或与测试无关的第三方资产；会造成持久破坏、数据越权下载或不可回滚影响的动作
+
+## 来源
+
+- `official` [Vite Security](https://github.com/vitejs/vite/security/advisories) (mode=core)
+- `official` [GitHub Global Advisories](https://github.com/advisories) (ecosystem=npm; mode=core)
+- `official` [OSV Vite](https://osv.dev/) (mode=core)
+
+## 案例列表
+
+| 标题 | 严重度 | 状态 | 来源置信度 | 更新时间 | 案例页 |
+|------|--------|------|------------|----------|--------|
+| vite allows server.fs.deny bypass via backslash on Windows | `medium` | `generated` | `official` | `2026-02-04T04:13:38.886554Z` | [link](/Users/x/websafe/07-framework-security/frameworks/vite/cases/vite-cve-2025-62522.md) |
+| Vite middleware may serve files starting with the same name with the public directory | `medium` | `generated` | `official` | `2026-02-04T04:33:22.508417Z` | [link](/Users/x/websafe/07-framework-security/frameworks/vite/cases/vite-cve-2025-58751.md) |
+| Vite's `server.fs` settings were not applied to HTML files | `medium` | `generated` | `official` | `2026-02-04T04:35:16.287471Z` | [link](/Users/x/websafe/07-framework-security/frameworks/vite/cases/vite-cve-2025-58752.md) |
+| Vite's server.fs.deny bypassed with /. for files under project root | `medium` | `generated` | `official` | `2026-02-04T03:27:17.681639Z` | [link](/Users/x/websafe/07-framework-security/frameworks/vite/cases/vite-cve-2025-46565.md) |
+| Vite has an `server.fs.deny` bypass with an invalid `request-target` | `medium` | `generated` | `official` | `2026-02-04T04:11:44.900383Z` | [link](/Users/x/websafe/07-framework-security/frameworks/vite/cases/vite-cve-2025-32395.md) |
+| Vite allows server.fs.deny to be bypassed with .svg or relative paths | `low` | `generated` | `official` | `2026-02-04T03:51:38.412061Z` | [link](/Users/x/websafe/07-framework-security/frameworks/vite/cases/vite-cve-2025-31486.md) |
+| Vite has a `server.fs.deny` bypassed for `inline` and `raw` with `?import` query | `low` | `generated` | `official` | `2026-02-04T04:37:24.129476Z` | [link](/Users/x/websafe/07-framework-security/frameworks/vite/cases/vite-cve-2025-31125.md) |
+| Vite bypasses server.fs.deny when using ?raw?? | `low` | `generated` | `official` | `2026-02-04T03:13:24.371631Z` | [link](/Users/x/websafe/07-framework-security/frameworks/vite/cases/vite-cve-2025-30208.md) |
+| Websites were able to send any requests to the development server and read the response in vite | `low` | `generated` | `official` | `2026-02-04T04:37:03.076966Z` | [link](/Users/x/websafe/07-framework-security/frameworks/vite/cases/vite-cve-2025-24010.md) |
+| Vite DOM Clobbering gadget found in vite bundled scripts that leads to XSS | `low` | `generated` | `official` | `2026-02-04T04:04:22.977459Z` | [link](/Users/x/websafe/07-framework-security/frameworks/vite/cases/vite-cve-2024-45812.md) |
+| Vite's `server.fs.deny` is bypassed when using `?import&raw` | `low` | `generated` | `official` | `2026-02-04T04:05:31.919291Z` | [link](/Users/x/websafe/07-framework-security/frameworks/vite/cases/vite-cve-2024-45811.md) |
+| Vite dev server option `server.fs.deny` can be bypassed when hosted on case-insensitive filesystem | `low` | `generated` | `official` | `2026-02-04T04:17:01.410592Z` | [link](/Users/x/websafe/07-framework-security/frameworks/vite/cases/vite-cve-2024-23331.md) |
--- a/07-framework-security/frameworks/vite/README.md
+++ b/07-framework-security/frameworks/vite/README.md
@@ -0,0 +1,16 @@
+# Vite
+
+> `LAB ONLY` | `AUTHORIZED TARGETS ONLY`
+
+- 分类: `frameworks`
+- 覆盖层级: `history-full`
+- Advisory 模式: core, plugin
+- 输出目录: `07-framework-security/frameworks/vite`
+- 修复主题: dependency-upgrade-policy, file-upload-validation, proxy-trust-boundary
+- 适用目标类型: `lab-local, lab-public, authorized-third-party`
+- 是否允许公网验证: `yes, but only for owned or authorized targets`
+- 最小化验证方式: 最小化验证、只读探测、可审计回显、受控注入。
+- 禁止场景: 无归属证明或无明确授权的公网目标；知名公共网站或与测试无关的第三方资产；会造成持久破坏、数据越权下载或不可回滚影响的动作
+
+- 自动索引: [INDEX.md](/Users/x/websafe/07-framework-security/frameworks/vite/INDEX.md)
+- Registry 统计: [vite.json](/Users/x/websafe/08-threat-intel/registry/systems/vite.json)
--- a/07-framework-security/frameworks/vite/cases/vite-cve-2024-23331.md
+++ b/07-framework-security/frameworks/vite/cases/vite-cve-2024-23331.md
@@ -0,0 +1,94 @@
+---
+title: "Vite dev server option `server.fs.deny` can be bypassed when hosted on case-insensitive filesystem"
+system_id: "vite"
+category: "frameworks"
+advisory_mode: "core"
+published_date: "2024-01-19T21:58:47Z"
+updated_date: "2026-02-04T04:17:01.410592Z"
+severity: "low"
+exploit_status: "unknown"
+source_confidence: "official"
+target_types:
+  - "lab-local"
+  - "lab-public"
+  - "authorized-third-party"
+allow_public_validation: "yes, with ownership or explicit authorization"
+authorization_prerequisite: "asset ownership proof or explicit written authorization"
+minimal_validation: "read-only probe, controlled payload, reversible test"
+aliases:
+  - "CVE-2024-23331"
+  - "GHSA-c24v-8rfc-w8vw"
+affected_versions:
+  - "introduced=2.7.0, fixed<2.9.17"
+  - "introduced=3.0.0, fixed<3.2.8"
+  - "introduced=4.0.0, fixed<4.5.2"
+  - "introduced=5.0.0, fixed<5.0.12"
+fixed_versions:
+  - "2.9.17"
+  - "3.2.8"
+  - "4.5.2"
+  - "5.0.12"
+secure_code_topics:
+  - "dependency-upgrade-policy"
+  - "file-upload-validation"
+  - "proxy-trust-boundary"
+primary_source: "https://github.com/vitejs/vite/security/advisories/GHSA-c24v-8rfc-w8vw"
+---
+
+# Vite dev server option `server.fs.deny` can be bypassed when hosted on case-insensitive filesystem
+
+## 事件层
+
+- Canonical ID: `vite--CVE-2024-23331`
+- 系统: `vite`
+- 严重度: `low`
+- 来源置信度: `official`
+- 官方主源: https://github.com/vitejs/vite/security/advisories/GHSA-c24v-8rfc-w8vw
+- 影响版本: `introduced=2.7.0, fixed<2.9.17, introduced=3.0.0, fixed<3.2.8, introduced=4.0.0, fixed<4.5.2, introduced=5.0.0, fixed<5.0.12`
+- 修复版本: `2.9.17, 3.2.8, 4.5.2, 5.0.12`
+
+## 其他来源
+
+- https://nvd.nist.gov/vuln/detail/CVE-2023-34092
+- https://nvd.nist.gov/vuln/detail/CVE-2024-23331
+- https://github.com/vitejs/vite/commit/0cd769c279724cf27934b1270fbdd45d68217691
+- https://github.com/vitejs/vite/commit/91641c4da0a011d4c5352e88fc68389d4e1289a5
+- https://github.com/vitejs/vite/commit/a26c87d20f9af306b5ce3ff1648be7fa5146c278
+- https://github.com/vitejs/vite/commit/eeec23bbc9d476c54a3a6d36e78455867185a7cb
+- https://github.com/vitejs/vite
+- https://vitejs.dev/config/server-options.html#server-fs-deny
+
+## 实验层
+
+- 仅用于自有资产、测试环境或已明确授权目标。
+- 允许公网可达目标，但必须满足资产归属或明确授权前提。
+- 最小化验证方式: 最小化验证、只读探测、可审计回显、受控注入。
+- 若该案例涉及插件、模块或扩展，应同时检查供应链与升级策略。
+- 禁止场景: 无归属证明或无明确授权的公网目标；知名公共网站或与测试无关的第三方资产；会造成持久破坏、数据越权下载或不可回滚影响的动作
+
+## 修复示例
+
+- [javascript-typescript:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/dependency-upgrade-policy.md)
+- [nodejs:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/nodejs/dependency-upgrade-policy.md)
+- [java:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/java/dependency-upgrade-policy.md)
+- [php:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/php/dependency-upgrade-policy.md)
+- [python:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/python/dependency-upgrade-policy.md)
+- [ruby:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/ruby/dependency-upgrade-policy.md)
+- [csharp:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/csharp/dependency-upgrade-policy.md)
+- [go:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/go/dependency-upgrade-policy.md)
+- [javascript-typescript:file-upload-validation](/Users/x/websafe/05-defense/secure-code/javascript-typescript/file-upload-validation.md)
+- [nodejs:file-upload-validation](/Users/x/websafe/05-defense/secure-code/nodejs/file-upload-validation.md)
+- [java:file-upload-validation](/Users/x/websafe/05-defense/secure-code/java/file-upload-validation.md)
+- [php:file-upload-validation](/Users/x/websafe/05-defense/secure-code/php/file-upload-validation.md)
+- [python:file-upload-validation](/Users/x/websafe/05-defense/secure-code/python/file-upload-validation.md)
+- [ruby:file-upload-validation](/Users/x/websafe/05-defense/secure-code/ruby/file-upload-validation.md)
+- [csharp:file-upload-validation](/Users/x/websafe/05-defense/secure-code/csharp/file-upload-validation.md)
+- [go:file-upload-validation](/Users/x/websafe/05-defense/secure-code/go/file-upload-validation.md)
+- [javascript-typescript:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/javascript-typescript/proxy-trust-boundary.md)
+- [nodejs:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/nodejs/proxy-trust-boundary.md)
+- [java:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/java/proxy-trust-boundary.md)
+- [php:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/php/proxy-trust-boundary.md)
+- [python:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/python/proxy-trust-boundary.md)
+- [ruby:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/ruby/proxy-trust-boundary.md)
+- [csharp:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/csharp/proxy-trust-boundary.md)
+- [go:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/go/proxy-trust-boundary.md)
--- a/07-framework-security/frameworks/vite/cases/vite-cve-2024-45811.md
+++ b/07-framework-security/frameworks/vite/cases/vite-cve-2024-45811.md
@@ -0,0 +1,97 @@
+---
+title: "Vite's `server.fs.deny` is bypassed when using `?import&raw`"
+system_id: "vite"
+category: "frameworks"
+advisory_mode: "core"
+published_date: "2024-09-17T18:44:12Z"
+updated_date: "2026-02-04T04:05:31.919291Z"
+severity: "low"
+exploit_status: "unknown"
+source_confidence: "official"
+target_types:
+  - "lab-local"
+  - "lab-public"
+  - "authorized-third-party"
+allow_public_validation: "yes, with ownership or explicit authorization"
+authorization_prerequisite: "asset ownership proof or explicit written authorization"
+minimal_validation: "read-only probe, controlled payload, reversible test"
+aliases:
+  - "CVE-2024-45811"
+  - "GHSA-9cwx-2883-4wfx"
+affected_versions:
+  - "introduced=5.4.0, fixed<5.4.6"
+  - "introduced=5.3.0, fixed<5.3.6"
+  - "introduced=5.2.0, fixed<5.2.14"
+  - "introduced=4.0.0, fixed<4.5.4"
+  - "introduced=0, fixed<3.2.11"
+  - "introduced=5.0.0, fixed<5.1.8"
+fixed_versions:
+  - "5.4.6"
+  - "5.3.6"
+  - "5.2.14"
+  - "4.5.4"
+  - "3.2.11"
+  - "5.1.8"
+secure_code_topics:
+  - "dependency-upgrade-policy"
+  - "file-upload-validation"
+  - "proxy-trust-boundary"
+primary_source: "https://github.com/vitejs/vite/security/advisories/GHSA-9cwx-2883-4wfx"
+---
+
+# Vite's `server.fs.deny` is bypassed when using `?import&raw`
+
+## 事件层
+
+- Canonical ID: `vite--CVE-2024-45811`
+- 系统: `vite`
+- 严重度: `low`
+- 来源置信度: `official`
+- 官方主源: https://github.com/vitejs/vite/security/advisories/GHSA-9cwx-2883-4wfx
+- 影响版本: `introduced=5.4.0, fixed<5.4.6, introduced=5.3.0, fixed<5.3.6, introduced=5.2.0, fixed<5.2.14, introduced=4.0.0, fixed<4.5.4, introduced=0, fixed<3.2.11, introduced=5.0.0, fixed<5.1.8`
+- 修复版本: `5.4.6, 5.3.6, 5.2.14, 4.5.4, 3.2.11, 5.1.8`
+
+## 其他来源
+
+- https://nvd.nist.gov/vuln/detail/CVE-2024-45811
+- https://github.com/vitejs/vite/commit/4573a6fd6f1b097fb7296a3e135e0646b996b249
+- https://github.com/vitejs/vite/commit/6820bb3b9a54334f3268fc5ee1e967d2e1c0db34
+- https://github.com/vitejs/vite/commit/8339d7408668686bae56eaccbfdc7b87612904bd
+- https://github.com/vitejs/vite/commit/a6da45082b6e73ddfdcdcc06bb5414f976a388d6
+- https://github.com/vitejs/vite/commit/b901438f99e667f76662840826eec91c8ab3b3e7
+- https://github.com/vitejs/vite
+
+## 实验层
+
+- 仅用于自有资产、测试环境或已明确授权目标。
+- 允许公网可达目标，但必须满足资产归属或明确授权前提。
+- 最小化验证方式: 最小化验证、只读探测、可审计回显、受控注入。
+- 若该案例涉及插件、模块或扩展，应同时检查供应链与升级策略。
+- 禁止场景: 无归属证明或无明确授权的公网目标；知名公共网站或与测试无关的第三方资产；会造成持久破坏、数据越权下载或不可回滚影响的动作
+
+## 修复示例
+
+- [javascript-typescript:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/dependency-upgrade-policy.md)
+- [nodejs:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/nodejs/dependency-upgrade-policy.md)
+- [java:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/java/dependency-upgrade-policy.md)
+- [php:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/php/dependency-upgrade-policy.md)
+- [python:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/python/dependency-upgrade-policy.md)
+- [ruby:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/ruby/dependency-upgrade-policy.md)
+- [csharp:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/csharp/dependency-upgrade-policy.md)
+- [go:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/go/dependency-upgrade-policy.md)
+- [javascript-typescript:file-upload-validation](/Users/x/websafe/05-defense/secure-code/javascript-typescript/file-upload-validation.md)
+- [nodejs:file-upload-validation](/Users/x/websafe/05-defense/secure-code/nodejs/file-upload-validation.md)
+- [java:file-upload-validation](/Users/x/websafe/05-defense/secure-code/java/file-upload-validation.md)
+- [php:file-upload-validation](/Users/x/websafe/05-defense/secure-code/php/file-upload-validation.md)
+- [python:file-upload-validation](/Users/x/websafe/05-defense/secure-code/python/file-upload-validation.md)
+- [ruby:file-upload-validation](/Users/x/websafe/05-defense/secure-code/ruby/file-upload-validation.md)
+- [csharp:file-upload-validation](/Users/x/websafe/05-defense/secure-code/csharp/file-upload-validation.md)
+- [go:file-upload-validation](/Users/x/websafe/05-defense/secure-code/go/file-upload-validation.md)
+- [javascript-typescript:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/javascript-typescript/proxy-trust-boundary.md)
+- [nodejs:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/nodejs/proxy-trust-boundary.md)
+- [java:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/java/proxy-trust-boundary.md)
+- [php:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/php/proxy-trust-boundary.md)
+- [python:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/python/proxy-trust-boundary.md)
+- [ruby:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/ruby/proxy-trust-boundary.md)
+- [csharp:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/csharp/proxy-trust-boundary.md)
+- [go:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/go/proxy-trust-boundary.md)
--- a/07-framework-security/frameworks/vite/cases/vite-cve-2024-45812.md
+++ b/07-framework-security/frameworks/vite/cases/vite-cve-2024-45812.md
@@ -0,0 +1,119 @@
+---
+title: "Vite DOM Clobbering gadget found in vite bundled scripts that leads to XSS"
+system_id: "vite"
+category: "frameworks"
+advisory_mode: "core"
+published_date: "2024-09-17T19:28:01Z"
+updated_date: "2026-02-04T04:04:22.977459Z"
+severity: "low"
+exploit_status: "unknown"
+source_confidence: "official"
+target_types:
+  - "lab-local"
+  - "lab-public"
+  - "authorized-third-party"
+allow_public_validation: "yes, with ownership or explicit authorization"
+authorization_prerequisite: "asset ownership proof or explicit written authorization"
+minimal_validation: "read-only probe, controlled payload, reversible test"
+aliases:
+  - "CVE-2024-45812"
+  - "GHSA-64vr-g452-qvp3"
+affected_versions:
+  - "introduced=5.4.0, fixed<5.4.6"
+  - "introduced=5.3.0, fixed<5.3.6"
+  - "introduced=5.2.0, fixed<5.2.14"
+  - "introduced=4.0.0, fixed<4.5.4"
+  - "introduced=0, fixed<3.2.11"
+  - "introduced=5.0.0, fixed<5.1.8"
+fixed_versions:
+  - "5.4.6"
+  - "5.3.6"
+  - "5.2.14"
+  - "4.5.4"
+  - "3.2.11"
+  - "5.1.8"
+secure_code_topics:
+  - "dependency-upgrade-policy"
+  - "file-upload-validation"
+  - "proxy-trust-boundary"
+  - "xss-output-encoding"
+  - "plugin-extension-trust-policy"
+primary_source: "https://github.com/vitejs/vite/security/advisories/GHSA-64vr-g452-qvp3"
+---
+
+# Vite DOM Clobbering gadget found in vite bundled scripts that leads to XSS
+
+## 事件层
+
+- Canonical ID: `vite--CVE-2024-45812`
+- 系统: `vite`
+- 严重度: `low`
+- 来源置信度: `official`
+- 官方主源: https://github.com/vitejs/vite/security/advisories/GHSA-64vr-g452-qvp3
+- 影响版本: `introduced=5.4.0, fixed<5.4.6, introduced=5.3.0, fixed<5.3.6, introduced=5.2.0, fixed<5.2.14, introduced=4.0.0, fixed<4.5.4, introduced=0, fixed<3.2.11, introduced=5.0.0, fixed<5.1.8`
+- 修复版本: `5.4.6, 5.3.6, 5.2.14, 4.5.4, 3.2.11, 5.1.8`
+
+## 其他来源
+
+- https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986
+- https://nvd.nist.gov/vuln/detail/CVE-2024-45812
+- https://github.com/vitejs/vite/commit/179b17773cf35c73ddb041f9e6c703fd9f3126af
+- https://github.com/vitejs/vite/commit/2691bb3ff6b073b41fb9046909e1e03a74e36675
+- https://github.com/vitejs/vite/commit/2ddd8541ec3b2d2e5b698749e0f2362ef28056bd
+- https://github.com/vitejs/vite/commit/ade1d89660e17eedfd35652165b0c26905259fad
+- https://github.com/vitejs/vite/commit/e8127166979e7ace6eeaa2c3b733c8994caa31f3
+- https://github.com/vitejs/vite/commit/ebb94c5b3bf41950f45562595adec117a4d0ba5e
+- https://github.com/vitejs/vite
+- https://research.securitum.com/xss-in-amp4email-dom-clobbering
+- https://scnps.co/papers/sp23_domclob.pdf
+
+## 实验层
+
+- 仅用于自有资产、测试环境或已明确授权目标。
+- 允许公网可达目标，但必须满足资产归属或明确授权前提。
+- 最小化验证方式: 最小化验证、只读探测、可审计回显、受控注入。
+- 若该案例涉及插件、模块或扩展，应同时检查供应链与升级策略。
+- 禁止场景: 无归属证明或无明确授权的公网目标；知名公共网站或与测试无关的第三方资产；会造成持久破坏、数据越权下载或不可回滚影响的动作
+
+## 修复示例
+
+- [javascript-typescript:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/dependency-upgrade-policy.md)
+- [nodejs:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/nodejs/dependency-upgrade-policy.md)
+- [java:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/java/dependency-upgrade-policy.md)
+- [php:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/php/dependency-upgrade-policy.md)
+- [python:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/python/dependency-upgrade-policy.md)
+- [ruby:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/ruby/dependency-upgrade-policy.md)
+- [csharp:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/csharp/dependency-upgrade-policy.md)
+- [go:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/go/dependency-upgrade-policy.md)
+- [javascript-typescript:file-upload-validation](/Users/x/websafe/05-defense/secure-code/javascript-typescript/file-upload-validation.md)
+- [nodejs:file-upload-validation](/Users/x/websafe/05-defense/secure-code/nodejs/file-upload-validation.md)
+- [java:file-upload-validation](/Users/x/websafe/05-defense/secure-code/java/file-upload-validation.md)
+- [php:file-upload-validation](/Users/x/websafe/05-defense/secure-code/php/file-upload-validation.md)
+- [python:file-upload-validation](/Users/x/websafe/05-defense/secure-code/python/file-upload-validation.md)
+- [ruby:file-upload-validation](/Users/x/websafe/05-defense/secure-code/ruby/file-upload-validation.md)
+- [csharp:file-upload-validation](/Users/x/websafe/05-defense/secure-code/csharp/file-upload-validation.md)
+- [go:file-upload-validation](/Users/x/websafe/05-defense/secure-code/go/file-upload-validation.md)
+- [javascript-typescript:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/javascript-typescript/proxy-trust-boundary.md)
+- [nodejs:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/nodejs/proxy-trust-boundary.md)
+- [java:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/java/proxy-trust-boundary.md)
+- [php:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/php/proxy-trust-boundary.md)
+- [python:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/python/proxy-trust-boundary.md)
+- [ruby:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/ruby/proxy-trust-boundary.md)
+- [csharp:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/csharp/proxy-trust-boundary.md)
+- [go:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/go/proxy-trust-boundary.md)
+- [javascript-typescript:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/javascript-typescript/xss-output-encoding.md)
+- [nodejs:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/nodejs/xss-output-encoding.md)
+- [java:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/java/xss-output-encoding.md)
+- [php:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/php/xss-output-encoding.md)
+- [python:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/python/xss-output-encoding.md)
+- [ruby:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/ruby/xss-output-encoding.md)
+- [csharp:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/csharp/xss-output-encoding.md)
+- [go:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/go/xss-output-encoding.md)
+- [javascript-typescript:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/plugin-extension-trust-policy.md)
+- [nodejs:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/nodejs/plugin-extension-trust-policy.md)
+- [java:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/java/plugin-extension-trust-policy.md)
+- [php:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/php/plugin-extension-trust-policy.md)
+- [python:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/python/plugin-extension-trust-policy.md)
+- [ruby:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/ruby/plugin-extension-trust-policy.md)
+- [csharp:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/csharp/plugin-extension-trust-policy.md)
+- [go:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/go/plugin-extension-trust-policy.md)
--- a/07-framework-security/frameworks/vite/cases/vite-cve-2025-24010.md
+++ b/07-framework-security/frameworks/vite/cases/vite-cve-2025-24010.md
@@ -0,0 +1,113 @@
+---
+title: "Websites were able to send any requests to the development server and read the response in vite"
+system_id: "vite"
+category: "frameworks"
+advisory_mode: "core"
+published_date: "2025-01-21T19:52:55Z"
+updated_date: "2026-02-04T04:37:03.076966Z"
+severity: "low"
+exploit_status: "unknown"
+source_confidence: "official"
+target_types:
+  - "lab-local"
+  - "lab-public"
+  - "authorized-third-party"
+allow_public_validation: "yes, with ownership or explicit authorization"
+authorization_prerequisite: "asset ownership proof or explicit written authorization"
+minimal_validation: "read-only probe, controlled payload, reversible test"
+aliases:
+  - "CVE-2025-24010"
+  - "GHSA-vg6x-rcgg-rjx6"
+affected_versions:
+  - "introduced=6.0.0, fixed<6.0.9"
+  - "introduced=5.0.0, fixed<5.4.12"
+  - "introduced=0, fixed<4.5.6"
+fixed_versions:
+  - "6.0.9"
+  - "5.4.12"
+  - "4.5.6"
+secure_code_topics:
+  - "dependency-upgrade-policy"
+  - "file-upload-validation"
+  - "proxy-trust-boundary"
+  - "dom-sink-hardening"
+  - "token-cookie-storage"
+  - "plugin-extension-trust-policy"
+primary_source: "https://github.com/vitejs/vite/security/advisories/GHSA-vg6x-rcgg-rjx6"
+---
+
+# Websites were able to send any requests to the development server and read the response in vite
+
+## 事件层
+
+- Canonical ID: `vite--CVE-2025-24010`
+- 系统: `vite`
+- 严重度: `low`
+- 来源置信度: `official`
+- 官方主源: https://github.com/vitejs/vite/security/advisories/GHSA-vg6x-rcgg-rjx6
+- 影响版本: `introduced=6.0.0, fixed<6.0.9, introduced=5.0.0, fixed<5.4.12, introduced=0, fixed<4.5.6`
+- 修复版本: `6.0.9, 5.4.12, 4.5.6`
+
+## 其他来源
+
+- https://nvd.nist.gov/vuln/detail/CVE-2025-24010
+- https://github.com/vitejs/vite
+
+## 实验层
+
+- 仅用于自有资产、测试环境或已明确授权目标。
+- 允许公网可达目标，但必须满足资产归属或明确授权前提。
+- 最小化验证方式: 最小化验证、只读探测、可审计回显、受控注入。
+- 若该案例涉及插件、模块或扩展，应同时检查供应链与升级策略。
+- 禁止场景: 无归属证明或无明确授权的公网目标；知名公共网站或与测试无关的第三方资产；会造成持久破坏、数据越权下载或不可回滚影响的动作
+
+## 修复示例
+
+- [javascript-typescript:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/dependency-upgrade-policy.md)
+- [nodejs:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/nodejs/dependency-upgrade-policy.md)
+- [java:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/java/dependency-upgrade-policy.md)
+- [php:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/php/dependency-upgrade-policy.md)
+- [python:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/python/dependency-upgrade-policy.md)
+- [ruby:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/ruby/dependency-upgrade-policy.md)
+- [csharp:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/csharp/dependency-upgrade-policy.md)
+- [go:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/go/dependency-upgrade-policy.md)
+- [javascript-typescript:file-upload-validation](/Users/x/websafe/05-defense/secure-code/javascript-typescript/file-upload-validation.md)
+- [nodejs:file-upload-validation](/Users/x/websafe/05-defense/secure-code/nodejs/file-upload-validation.md)
+- [java:file-upload-validation](/Users/x/websafe/05-defense/secure-code/java/file-upload-validation.md)
+- [php:file-upload-validation](/Users/x/websafe/05-defense/secure-code/php/file-upload-validation.md)
+- [python:file-upload-validation](/Users/x/websafe/05-defense/secure-code/python/file-upload-validation.md)
+- [ruby:file-upload-validation](/Users/x/websafe/05-defense/secure-code/ruby/file-upload-validation.md)
+- [csharp:file-upload-validation](/Users/x/websafe/05-defense/secure-code/csharp/file-upload-validation.md)
+- [go:file-upload-validation](/Users/x/websafe/05-defense/secure-code/go/file-upload-validation.md)
+- [javascript-typescript:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/javascript-typescript/proxy-trust-boundary.md)
+- [nodejs:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/nodejs/proxy-trust-boundary.md)
+- [java:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/java/proxy-trust-boundary.md)
+- [php:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/php/proxy-trust-boundary.md)
+- [python:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/python/proxy-trust-boundary.md)
+- [ruby:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/ruby/proxy-trust-boundary.md)
+- [csharp:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/csharp/proxy-trust-boundary.md)
+- [go:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/go/proxy-trust-boundary.md)
+- [javascript-typescript:dom-sink-hardening](/Users/x/websafe/05-defense/secure-code/javascript-typescript/dom-sink-hardening.md)
+- [nodejs:dom-sink-hardening](/Users/x/websafe/05-defense/secure-code/nodejs/dom-sink-hardening.md)
+- [java:dom-sink-hardening](/Users/x/websafe/05-defense/secure-code/java/dom-sink-hardening.md)
+- [php:dom-sink-hardening](/Users/x/websafe/05-defense/secure-code/php/dom-sink-hardening.md)
+- [python:dom-sink-hardening](/Users/x/websafe/05-defense/secure-code/python/dom-sink-hardening.md)
+- [ruby:dom-sink-hardening](/Users/x/websafe/05-defense/secure-code/ruby/dom-sink-hardening.md)
+- [csharp:dom-sink-hardening](/Users/x/websafe/05-defense/secure-code/csharp/dom-sink-hardening.md)
+- [go:dom-sink-hardening](/Users/x/websafe/05-defense/secure-code/go/dom-sink-hardening.md)
+- [javascript-typescript:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/javascript-typescript/token-cookie-storage.md)
+- [nodejs:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/nodejs/token-cookie-storage.md)
+- [java:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/java/token-cookie-storage.md)
+- [php:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/php/token-cookie-storage.md)
+- [python:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/python/token-cookie-storage.md)
+- [ruby:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/ruby/token-cookie-storage.md)
+- [csharp:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/csharp/token-cookie-storage.md)
+- [go:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/go/token-cookie-storage.md)
+- [javascript-typescript:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/plugin-extension-trust-policy.md)
+- [nodejs:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/nodejs/plugin-extension-trust-policy.md)
+- [java:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/java/plugin-extension-trust-policy.md)
+- [php:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/php/plugin-extension-trust-policy.md)
+- [python:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/python/plugin-extension-trust-policy.md)
+- [ruby:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/ruby/plugin-extension-trust-policy.md)
+- [csharp:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/csharp/plugin-extension-trust-policy.md)
+- [go:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/go/plugin-extension-trust-policy.md)
--- a/07-framework-security/frameworks/vite/cases/vite-cve-2025-30208.md
+++ b/07-framework-security/frameworks/vite/cases/vite-cve-2025-30208.md
@@ -0,0 +1,95 @@
+---
+title: "Vite bypasses server.fs.deny when using ?raw??"
+system_id: "vite"
+category: "frameworks"
+advisory_mode: "core"
+published_date: "2025-03-25T14:00:02Z"
+updated_date: "2026-02-04T03:13:24.371631Z"
+severity: "low"
+exploit_status: "unknown"
+source_confidence: "official"
+target_types:
+  - "lab-local"
+  - "lab-public"
+  - "authorized-third-party"
+allow_public_validation: "yes, with ownership or explicit authorization"
+authorization_prerequisite: "asset ownership proof or explicit written authorization"
+minimal_validation: "read-only probe, controlled payload, reversible test"
+aliases:
+  - "CVE-2025-30208"
+  - "GHSA-x574-m823-4x7w"
+affected_versions:
+  - "introduced=6.2.0, fixed<6.2.3"
+  - "introduced=6.1.0, fixed<6.1.2"
+  - "introduced=6.0.0, fixed<6.0.12"
+  - "introduced=5.0.0, fixed<5.4.15"
+  - "introduced=0, fixed<4.5.10"
+fixed_versions:
+  - "6.2.3"
+  - "6.1.2"
+  - "6.0.12"
+  - "5.4.15"
+  - "4.5.10"
+secure_code_topics:
+  - "dependency-upgrade-policy"
+  - "file-upload-validation"
+  - "proxy-trust-boundary"
+primary_source: "https://github.com/vitejs/vite/security/advisories/GHSA-x574-m823-4x7w"
+---
+
+# Vite bypasses server.fs.deny when using ?raw??
+
+## 事件层
+
+- Canonical ID: `vite--CVE-2025-30208`
+- 系统: `vite`
+- 严重度: `low`
+- 来源置信度: `official`
+- 官方主源: https://github.com/vitejs/vite/security/advisories/GHSA-x574-m823-4x7w
+- 影响版本: `introduced=6.2.0, fixed<6.2.3, introduced=6.1.0, fixed<6.1.2, introduced=6.0.0, fixed<6.0.12, introduced=5.0.0, fixed<5.4.15, introduced=0, fixed<4.5.10`
+- 修复版本: `6.2.3, 6.1.2, 6.0.12, 5.4.15, 4.5.10`
+
+## 其他来源
+
+- https://nvd.nist.gov/vuln/detail/CVE-2025-30208
+- https://github.com/vitejs/vite/commit/315695e9d97cc6cfa7e6d9e0229fb50cdae3d9f4
+- https://github.com/vitejs/vite/commit/80381c38d6f068b12e6e928cd3c616bd1d64803c
+- https://github.com/vitejs/vite/commit/807d7f06d33ab49c48a2a3501da3eea1906c0d41
+- https://github.com/vitejs/vite/commit/92ca12dc79118bf66f2b32ff81ed09e0d0bd07ca
+- https://github.com/vitejs/vite/commit/f234b5744d8b74c95535a7b82cc88ed2144263c1
+- https://github.com/vitejs/vite
+
+## 实验层
+
+- 仅用于自有资产、测试环境或已明确授权目标。
+- 允许公网可达目标，但必须满足资产归属或明确授权前提。
+- 最小化验证方式: 最小化验证、只读探测、可审计回显、受控注入。
+- 若该案例涉及插件、模块或扩展，应同时检查供应链与升级策略。
+- 禁止场景: 无归属证明或无明确授权的公网目标；知名公共网站或与测试无关的第三方资产；会造成持久破坏、数据越权下载或不可回滚影响的动作
+
+## 修复示例
+
+- [javascript-typescript:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/dependency-upgrade-policy.md)
+- [nodejs:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/nodejs/dependency-upgrade-policy.md)
+- [java:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/java/dependency-upgrade-policy.md)
+- [php:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/php/dependency-upgrade-policy.md)
+- [python:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/python/dependency-upgrade-policy.md)
+- [ruby:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/ruby/dependency-upgrade-policy.md)
+- [csharp:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/csharp/dependency-upgrade-policy.md)
+- [go:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/go/dependency-upgrade-policy.md)
+- [javascript-typescript:file-upload-validation](/Users/x/websafe/05-defense/secure-code/javascript-typescript/file-upload-validation.md)
+- [nodejs:file-upload-validation](/Users/x/websafe/05-defense/secure-code/nodejs/file-upload-validation.md)
+- [java:file-upload-validation](/Users/x/websafe/05-defense/secure-code/java/file-upload-validation.md)
+- [php:file-upload-validation](/Users/x/websafe/05-defense/secure-code/php/file-upload-validation.md)
+- [python:file-upload-validation](/Users/x/websafe/05-defense/secure-code/python/file-upload-validation.md)
+- [ruby:file-upload-validation](/Users/x/websafe/05-defense/secure-code/ruby/file-upload-validation.md)
+- [csharp:file-upload-validation](/Users/x/websafe/05-defense/secure-code/csharp/file-upload-validation.md)
+- [go:file-upload-validation](/Users/x/websafe/05-defense/secure-code/go/file-upload-validation.md)
+- [javascript-typescript:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/javascript-typescript/proxy-trust-boundary.md)
+- [nodejs:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/nodejs/proxy-trust-boundary.md)
+- [java:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/java/proxy-trust-boundary.md)
+- [php:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/php/proxy-trust-boundary.md)
+- [python:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/python/proxy-trust-boundary.md)
+- [ruby:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/ruby/proxy-trust-boundary.md)
+- [csharp:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/csharp/proxy-trust-boundary.md)
+- [go:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/go/proxy-trust-boundary.md)
--- a/07-framework-security/frameworks/vite/cases/vite-cve-2025-31125.md
+++ b/07-framework-security/frameworks/vite/cases/vite-cve-2025-31125.md
@@ -0,0 +1,92 @@
+---
+title: "Vite has a `server.fs.deny` bypassed for `inline` and `raw` with `?import` query"
+system_id: "vite"
+category: "frameworks"
+advisory_mode: "core"
+published_date: "2025-03-31T17:31:54Z"
+updated_date: "2026-02-04T04:37:24.129476Z"
+severity: "low"
+exploit_status: "unknown"
+source_confidence: "official"
+target_types:
+  - "lab-local"
+  - "lab-public"
+  - "authorized-third-party"
+allow_public_validation: "yes, with ownership or explicit authorization"
+authorization_prerequisite: "asset ownership proof or explicit written authorization"
+minimal_validation: "read-only probe, controlled payload, reversible test"
+aliases:
+  - "CVE-2025-31125"
+  - "GHSA-4r4m-qw57-chr8"
+affected_versions:
+  - "introduced=6.2.0, fixed<6.2.4"
+  - "introduced=6.1.0, fixed<6.1.3"
+  - "introduced=6.0.0, fixed<6.0.13"
+  - "introduced=5.0.0, fixed<5.4.16"
+  - "introduced=0, fixed<4.5.11"
+fixed_versions:
+  - "6.2.4"
+  - "6.1.3"
+  - "6.0.13"
+  - "5.4.16"
+  - "4.5.11"
+secure_code_topics:
+  - "dependency-upgrade-policy"
+  - "file-upload-validation"
+  - "proxy-trust-boundary"
+primary_source: "https://github.com/vitejs/vite/security/advisories/GHSA-4r4m-qw57-chr8"
+---
+
+# Vite has a `server.fs.deny` bypassed for `inline` and `raw` with `?import` query
+
+## 事件层
+
+- Canonical ID: `vite--CVE-2025-31125`
+- 系统: `vite`
+- 严重度: `low`
+- 来源置信度: `official`
+- 官方主源: https://github.com/vitejs/vite/security/advisories/GHSA-4r4m-qw57-chr8
+- 影响版本: `introduced=6.2.0, fixed<6.2.4, introduced=6.1.0, fixed<6.1.3, introduced=6.0.0, fixed<6.0.13, introduced=5.0.0, fixed<5.4.16, introduced=0, fixed<4.5.11`
+- 修复版本: `6.2.4, 6.1.3, 6.0.13, 5.4.16, 4.5.11`
+
+## 其他来源
+
+- https://nvd.nist.gov/vuln/detail/CVE-2025-31125
+- https://github.com/vitejs/vite/commit/59673137c45ac2bcfad1170d954347c1a17ab949
+- https://github.com/vitejs/vite
+- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-31125
+
+## 实验层
+
+- 仅用于自有资产、测试环境或已明确授权目标。
+- 允许公网可达目标，但必须满足资产归属或明确授权前提。
+- 最小化验证方式: 最小化验证、只读探测、可审计回显、受控注入。
+- 若该案例涉及插件、模块或扩展，应同时检查供应链与升级策略。
+- 禁止场景: 无归属证明或无明确授权的公网目标；知名公共网站或与测试无关的第三方资产；会造成持久破坏、数据越权下载或不可回滚影响的动作
+
+## 修复示例
+
+- [javascript-typescript:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/dependency-upgrade-policy.md)
+- [nodejs:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/nodejs/dependency-upgrade-policy.md)
+- [java:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/java/dependency-upgrade-policy.md)
+- [php:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/php/dependency-upgrade-policy.md)
+- [python:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/python/dependency-upgrade-policy.md)
+- [ruby:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/ruby/dependency-upgrade-policy.md)
+- [csharp:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/csharp/dependency-upgrade-policy.md)
+- [go:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/go/dependency-upgrade-policy.md)
+- [javascript-typescript:file-upload-validation](/Users/x/websafe/05-defense/secure-code/javascript-typescript/file-upload-validation.md)
+- [nodejs:file-upload-validation](/Users/x/websafe/05-defense/secure-code/nodejs/file-upload-validation.md)
+- [java:file-upload-validation](/Users/x/websafe/05-defense/secure-code/java/file-upload-validation.md)
+- [php:file-upload-validation](/Users/x/websafe/05-defense/secure-code/php/file-upload-validation.md)
+- [python:file-upload-validation](/Users/x/websafe/05-defense/secure-code/python/file-upload-validation.md)
+- [ruby:file-upload-validation](/Users/x/websafe/05-defense/secure-code/ruby/file-upload-validation.md)
+- [csharp:file-upload-validation](/Users/x/websafe/05-defense/secure-code/csharp/file-upload-validation.md)
+- [go:file-upload-validation](/Users/x/websafe/05-defense/secure-code/go/file-upload-validation.md)
+- [javascript-typescript:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/javascript-typescript/proxy-trust-boundary.md)
+- [nodejs:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/nodejs/proxy-trust-boundary.md)
+- [java:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/java/proxy-trust-boundary.md)
+- [php:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/php/proxy-trust-boundary.md)
+- [python:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/python/proxy-trust-boundary.md)
+- [ruby:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/ruby/proxy-trust-boundary.md)
+- [csharp:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/csharp/proxy-trust-boundary.md)
+- [go:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/go/proxy-trust-boundary.md)
--- a/07-framework-security/frameworks/vite/cases/vite-cve-2025-31486.md
+++ b/07-framework-security/frameworks/vite/cases/vite-cve-2025-31486.md
@@ -0,0 +1,101 @@
+---
+title: "Vite allows server.fs.deny to be bypassed with .svg or relative paths"
+system_id: "vite"
+category: "frameworks"
+advisory_mode: "core"
+published_date: "2025-04-04T14:20:05Z"
+updated_date: "2026-02-04T03:51:38.412061Z"
+severity: "low"
+exploit_status: "unknown"
+source_confidence: "official"
+target_types:
+  - "lab-local"
+  - "lab-public"
+  - "authorized-third-party"
+allow_public_validation: "yes, with ownership or explicit authorization"
+authorization_prerequisite: "asset ownership proof or explicit written authorization"
+minimal_validation: "read-only probe, controlled payload, reversible test"
+aliases:
+  - "CVE-2025-31486"
+  - "GHSA-xcj6-pq6g-qj4x"
+affected_versions:
+  - "introduced=6.2.0, fixed<6.2.5"
+  - "introduced=6.1.0, fixed<6.1.4"
+  - "introduced=6.0.0, fixed<6.0.14"
+  - "introduced=5.0.0, fixed<5.4.17"
+  - "introduced=0, fixed<4.5.12"
+fixed_versions:
+  - "6.2.5"
+  - "6.1.4"
+  - "6.0.14"
+  - "5.4.17"
+  - "4.5.12"
+secure_code_topics:
+  - "dependency-upgrade-policy"
+  - "file-upload-validation"
+  - "proxy-trust-boundary"
+  - "plugin-extension-trust-policy"
+primary_source: "https://github.com/vitejs/vite/security/advisories/GHSA-xcj6-pq6g-qj4x"
+---
+
+# Vite allows server.fs.deny to be bypassed with .svg or relative paths
+
+## 事件层
+
+- Canonical ID: `vite--CVE-2025-31486`
+- 系统: `vite`
+- 严重度: `low`
+- 来源置信度: `official`
+- 官方主源: https://github.com/vitejs/vite/security/advisories/GHSA-xcj6-pq6g-qj4x
+- 影响版本: `introduced=6.2.0, fixed<6.2.5, introduced=6.1.0, fixed<6.1.4, introduced=6.0.0, fixed<6.0.14, introduced=5.0.0, fixed<5.4.17, introduced=0, fixed<4.5.12`
+- 修复版本: `6.2.5, 6.1.4, 6.0.14, 5.4.17, 4.5.12`
+
+## 其他来源
+
+- https://nvd.nist.gov/vuln/detail/CVE-2025-31486
+- https://github.com/vitejs/vite/commit/62d7e81ee189d65899bb65f3263ddbd85247b647
+- https://github.com/vitejs/vite
+- https://github.com/vitejs/vite/blob/037f801075ec35bb6e52145d659f71a23813c48f/packages/vite/src/node/plugins/asset.ts#L285-L290
+
+## 实验层
+
+- 仅用于自有资产、测试环境或已明确授权目标。
+- 允许公网可达目标，但必须满足资产归属或明确授权前提。
+- 最小化验证方式: 最小化验证、只读探测、可审计回显、受控注入。
+- 若该案例涉及插件、模块或扩展，应同时检查供应链与升级策略。
+- 禁止场景: 无归属证明或无明确授权的公网目标；知名公共网站或与测试无关的第三方资产；会造成持久破坏、数据越权下载或不可回滚影响的动作
+
+## 修复示例
+
+- [javascript-typescript:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/dependency-upgrade-policy.md)
+- [nodejs:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/nodejs/dependency-upgrade-policy.md)
+- [java:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/java/dependency-upgrade-policy.md)
+- [php:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/php/dependency-upgrade-policy.md)
+- [python:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/python/dependency-upgrade-policy.md)
+- [ruby:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/ruby/dependency-upgrade-policy.md)
+- [csharp:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/csharp/dependency-upgrade-policy.md)
+- [go:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/go/dependency-upgrade-policy.md)
+- [javascript-typescript:file-upload-validation](/Users/x/websafe/05-defense/secure-code/javascript-typescript/file-upload-validation.md)
+- [nodejs:file-upload-validation](/Users/x/websafe/05-defense/secure-code/nodejs/file-upload-validation.md)
+- [java:file-upload-validation](/Users/x/websafe/05-defense/secure-code/java/file-upload-validation.md)
+- [php:file-upload-validation](/Users/x/websafe/05-defense/secure-code/php/file-upload-validation.md)
+- [python:file-upload-validation](/Users/x/websafe/05-defense/secure-code/python/file-upload-validation.md)
+- [ruby:file-upload-validation](/Users/x/websafe/05-defense/secure-code/ruby/file-upload-validation.md)
+- [csharp:file-upload-validation](/Users/x/websafe/05-defense/secure-code/csharp/file-upload-validation.md)
+- [go:file-upload-validation](/Users/x/websafe/05-defense/secure-code/go/file-upload-validation.md)
+- [javascript-typescript:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/javascript-typescript/proxy-trust-boundary.md)
+- [nodejs:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/nodejs/proxy-trust-boundary.md)
+- [java:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/java/proxy-trust-boundary.md)
+- [php:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/php/proxy-trust-boundary.md)
+- [python:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/python/proxy-trust-boundary.md)
+- [ruby:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/ruby/proxy-trust-boundary.md)
+- [csharp:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/csharp/proxy-trust-boundary.md)
+- [go:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/go/proxy-trust-boundary.md)
+- [javascript-typescript:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/plugin-extension-trust-policy.md)
+- [nodejs:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/nodejs/plugin-extension-trust-policy.md)
+- [java:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/java/plugin-extension-trust-policy.md)
+- [php:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/php/plugin-extension-trust-policy.md)
+- [python:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/python/plugin-extension-trust-policy.md)
+- [ruby:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/ruby/plugin-extension-trust-policy.md)
+- [csharp:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/csharp/plugin-extension-trust-policy.md)
+- [go:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/go/plugin-extension-trust-policy.md)
--- a/07-framework-security/frameworks/vite/cases/vite-cve-2025-32395.md
+++ b/07-framework-security/frameworks/vite/cases/vite-cve-2025-32395.md
@@ -0,0 +1,91 @@
+---
+title: "Vite has an `server.fs.deny` bypass with an invalid `request-target`"
+system_id: "vite"
+category: "frameworks"
+advisory_mode: "core"
+published_date: "2025-04-11T14:06:03Z"
+updated_date: "2026-02-04T04:11:44.900383Z"
+severity: "medium"
+exploit_status: "unknown"
+source_confidence: "official"
+target_types:
+  - "lab-local"
+  - "lab-public"
+  - "authorized-third-party"
+allow_public_validation: "yes, with ownership or explicit authorization"
+authorization_prerequisite: "asset ownership proof or explicit written authorization"
+minimal_validation: "read-only probe, controlled payload, reversible test"
+aliases:
+  - "CVE-2025-32395"
+  - "GHSA-356w-63v5-8wf4"
+affected_versions:
+  - "introduced=6.2.0, fixed<6.2.6"
+  - "introduced=6.1.0, fixed<6.1.5"
+  - "introduced=6.0.0, fixed<6.0.15"
+  - "introduced=5.0.0, fixed<5.4.18"
+  - "introduced=0, fixed<4.5.13"
+fixed_versions:
+  - "6.2.6"
+  - "6.1.5"
+  - "6.0.15"
+  - "5.4.18"
+  - "4.5.13"
+secure_code_topics:
+  - "dependency-upgrade-policy"
+  - "file-upload-validation"
+  - "proxy-trust-boundary"
+primary_source: "https://github.com/vitejs/vite/security/advisories/GHSA-356w-63v5-8wf4"
+---
+
+# Vite has an `server.fs.deny` bypass with an invalid `request-target`
+
+## 事件层
+
+- Canonical ID: `vite--CVE-2025-32395`
+- 系统: `vite`
+- 严重度: `medium`
+- 来源置信度: `official`
+- 官方主源: https://github.com/vitejs/vite/security/advisories/GHSA-356w-63v5-8wf4
+- 影响版本: `introduced=6.2.0, fixed<6.2.6, introduced=6.1.0, fixed<6.1.5, introduced=6.0.0, fixed<6.0.15, introduced=5.0.0, fixed<5.4.18, introduced=0, fixed<4.5.13`
+- 修复版本: `6.2.6, 6.1.5, 6.0.15, 5.4.18, 4.5.13`
+
+## 其他来源
+
+- https://nvd.nist.gov/vuln/detail/CVE-2025-32395
+- https://github.com/vitejs/vite/commit/175a83909f02d3b554452a7bd02b9f340cdfef70
+- https://github.com/vitejs/vite
+
+## 实验层
+
+- 仅用于自有资产、测试环境或已明确授权目标。
+- 允许公网可达目标，但必须满足资产归属或明确授权前提。
+- 最小化验证方式: 最小化验证、只读探测、可审计回显、受控注入。
+- 若该案例涉及插件、模块或扩展，应同时检查供应链与升级策略。
+- 禁止场景: 无归属证明或无明确授权的公网目标；知名公共网站或与测试无关的第三方资产；会造成持久破坏、数据越权下载或不可回滚影响的动作
+
+## 修复示例
+
+- [javascript-typescript:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/dependency-upgrade-policy.md)
+- [nodejs:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/nodejs/dependency-upgrade-policy.md)
+- [java:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/java/dependency-upgrade-policy.md)
+- [php:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/php/dependency-upgrade-policy.md)
+- [python:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/python/dependency-upgrade-policy.md)
+- [ruby:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/ruby/dependency-upgrade-policy.md)
+- [csharp:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/csharp/dependency-upgrade-policy.md)
+- [go:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/go/dependency-upgrade-policy.md)
+- [javascript-typescript:file-upload-validation](/Users/x/websafe/05-defense/secure-code/javascript-typescript/file-upload-validation.md)
+- [nodejs:file-upload-validation](/Users/x/websafe/05-defense/secure-code/nodejs/file-upload-validation.md)
+- [java:file-upload-validation](/Users/x/websafe/05-defense/secure-code/java/file-upload-validation.md)
+- [php:file-upload-validation](/Users/x/websafe/05-defense/secure-code/php/file-upload-validation.md)
+- [python:file-upload-validation](/Users/x/websafe/05-defense/secure-code/python/file-upload-validation.md)
+- [ruby:file-upload-validation](/Users/x/websafe/05-defense/secure-code/ruby/file-upload-validation.md)
+- [csharp:file-upload-validation](/Users/x/websafe/05-defense/secure-code/csharp/file-upload-validation.md)
+- [go:file-upload-validation](/Users/x/websafe/05-defense/secure-code/go/file-upload-validation.md)
+- [javascript-typescript:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/javascript-typescript/proxy-trust-boundary.md)
+- [nodejs:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/nodejs/proxy-trust-boundary.md)
+- [java:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/java/proxy-trust-boundary.md)
+- [php:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/php/proxy-trust-boundary.md)
+- [python:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/python/proxy-trust-boundary.md)
+- [ruby:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/ruby/proxy-trust-boundary.md)
+- [csharp:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/csharp/proxy-trust-boundary.md)
+- [go:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/go/proxy-trust-boundary.md)
--- a/07-framework-security/frameworks/vite/cases/vite-cve-2025-46565.md
+++ b/07-framework-security/frameworks/vite/cases/vite-cve-2025-46565.md
@@ -0,0 +1,91 @@
+---
+title: "Vite's server.fs.deny bypassed with /. for files under project root"
+system_id: "vite"
+category: "frameworks"
+advisory_mode: "core"
+published_date: "2025-04-30T17:40:27Z"
+updated_date: "2026-02-04T03:27:17.681639Z"
+severity: "medium"
+exploit_status: "unknown"
+source_confidence: "official"
+target_types:
+  - "lab-local"
+  - "lab-public"
+  - "authorized-third-party"
+allow_public_validation: "yes, with ownership or explicit authorization"
+authorization_prerequisite: "asset ownership proof or explicit written authorization"
+minimal_validation: "read-only probe, controlled payload, reversible test"
+aliases:
+  - "CVE-2025-46565"
+  - "GHSA-859w-5945-r5v3"
+affected_versions:
+  - "introduced=6.3.0, fixed<6.3.4"
+  - "introduced=6.2.0, fixed<6.2.7"
+  - "introduced=6.0.0, fixed<6.1.6"
+  - "introduced=5.0.0, fixed<5.4.19"
+  - "introduced=0, fixed<4.5.14"
+fixed_versions:
+  - "6.3.4"
+  - "6.2.7"
+  - "6.1.6"
+  - "5.4.19"
+  - "4.5.14"
+secure_code_topics:
+  - "dependency-upgrade-policy"
+  - "file-upload-validation"
+  - "proxy-trust-boundary"
+primary_source: "https://github.com/vitejs/vite/security/advisories/GHSA-859w-5945-r5v3"
+---
+
+# Vite's server.fs.deny bypassed with /. for files under project root
+
+## 事件层
+
+- Canonical ID: `vite--CVE-2025-46565`
+- 系统: `vite`
+- 严重度: `medium`
+- 来源置信度: `official`
+- 官方主源: https://github.com/vitejs/vite/security/advisories/GHSA-859w-5945-r5v3
+- 影响版本: `introduced=6.3.0, fixed<6.3.4, introduced=6.2.0, fixed<6.2.7, introduced=6.0.0, fixed<6.1.6, introduced=5.0.0, fixed<5.4.19, introduced=0, fixed<4.5.14`
+- 修复版本: `6.3.4, 6.2.7, 6.1.6, 5.4.19, 4.5.14`
+
+## 其他来源
+
+- https://nvd.nist.gov/vuln/detail/CVE-2025-46565
+- https://github.com/vitejs/vite/commit/c22c43de612eebb6c182dd67850c24e4fab8cacb
+- https://github.com/vitejs/vite
+
+## 实验层
+
+- 仅用于自有资产、测试环境或已明确授权目标。
+- 允许公网可达目标，但必须满足资产归属或明确授权前提。
+- 最小化验证方式: 最小化验证、只读探测、可审计回显、受控注入。
+- 若该案例涉及插件、模块或扩展，应同时检查供应链与升级策略。
+- 禁止场景: 无归属证明或无明确授权的公网目标；知名公共网站或与测试无关的第三方资产；会造成持久破坏、数据越权下载或不可回滚影响的动作
+
+## 修复示例
+
+- [javascript-typescript:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/dependency-upgrade-policy.md)
+- [nodejs:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/nodejs/dependency-upgrade-policy.md)
+- [java:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/java/dependency-upgrade-policy.md)
+- [php:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/php/dependency-upgrade-policy.md)
+- [python:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/python/dependency-upgrade-policy.md)
+- [ruby:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/ruby/dependency-upgrade-policy.md)
+- [csharp:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/csharp/dependency-upgrade-policy.md)
+- [go:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/go/dependency-upgrade-policy.md)
+- [javascript-typescript:file-upload-validation](/Users/x/websafe/05-defense/secure-code/javascript-typescript/file-upload-validation.md)
+- [nodejs:file-upload-validation](/Users/x/websafe/05-defense/secure-code/nodejs/file-upload-validation.md)
+- [java:file-upload-validation](/Users/x/websafe/05-defense/secure-code/java/file-upload-validation.md)
+- [php:file-upload-validation](/Users/x/websafe/05-defense/secure-code/php/file-upload-validation.md)
+- [python:file-upload-validation](/Users/x/websafe/05-defense/secure-code/python/file-upload-validation.md)
+- [ruby:file-upload-validation](/Users/x/websafe/05-defense/secure-code/ruby/file-upload-validation.md)
+- [csharp:file-upload-validation](/Users/x/websafe/05-defense/secure-code/csharp/file-upload-validation.md)
+- [go:file-upload-validation](/Users/x/websafe/05-defense/secure-code/go/file-upload-validation.md)
+- [javascript-typescript:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/javascript-typescript/proxy-trust-boundary.md)
+- [nodejs:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/nodejs/proxy-trust-boundary.md)
+- [java:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/java/proxy-trust-boundary.md)
+- [php:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/php/proxy-trust-boundary.md)
+- [python:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/python/proxy-trust-boundary.md)
+- [ruby:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/ruby/proxy-trust-boundary.md)
+- [csharp:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/csharp/proxy-trust-boundary.md)
+- [go:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/go/proxy-trust-boundary.md)
--- a/07-framework-security/frameworks/vite/cases/vite-cve-2025-58751.md
+++ b/07-framework-security/frameworks/vite/cases/vite-cve-2025-58751.md
@@ -0,0 +1,93 @@
+---
+title: "Vite middleware may serve files starting with the same name with the public directory"
+system_id: "vite"
+category: "frameworks"
+advisory_mode: "core"
+published_date: "2025-09-09T20:55:56Z"
+updated_date: "2026-02-04T04:33:22.508417Z"
+severity: "medium"
+exploit_status: "unknown"
+source_confidence: "official"
+target_types:
+  - "lab-local"
+  - "lab-public"
+  - "authorized-third-party"
+allow_public_validation: "yes, with ownership or explicit authorization"
+authorization_prerequisite: "asset ownership proof or explicit written authorization"
+minimal_validation: "read-only probe, controlled payload, reversible test"
+aliases:
+  - "CVE-2025-58751"
+  - "GHSA-g4jq-h2w9-997c"
+affected_versions:
+  - "introduced=7.1.0, fixed<7.1.5"
+  - "introduced=7.0.0, fixed<7.0.7"
+  - "introduced=6.0.0, fixed<6.3.6"
+  - "introduced=0, fixed<5.4.20"
+fixed_versions:
+  - "7.1.5"
+  - "7.0.7"
+  - "6.3.6"
+  - "5.4.20"
+secure_code_topics:
+  - "dependency-upgrade-policy"
+  - "file-upload-validation"
+  - "proxy-trust-boundary"
+primary_source: "https://github.com/vitejs/vite/security/advisories/GHSA-g4jq-h2w9-997c"
+---
+
+# Vite middleware may serve files starting with the same name with the public directory
+
+## 事件层
+
+- Canonical ID: `vite--CVE-2025-58751`
+- 系统: `vite`
+- 严重度: `medium`
+- 来源置信度: `official`
+- 官方主源: https://github.com/vitejs/vite/security/advisories/GHSA-g4jq-h2w9-997c
+- 影响版本: `introduced=7.1.0, fixed<7.1.5, introduced=7.0.0, fixed<7.0.7, introduced=6.0.0, fixed<6.3.6, introduced=0, fixed<5.4.20`
+- 修复版本: `7.1.5, 7.0.7, 6.3.6, 5.4.20`
+
+## 其他来源
+
+- https://nvd.nist.gov/vuln/detail/CVE-2025-58751
+- https://github.com/lukeed/sirv/commit/f0113f3f8266328d804ee808f763a3c11f8997eb
+- https://github.com/vitejs/vite/commit/09f2b52e8d5907f26602653caf41b3a56692600d
+- https://github.com/vitejs/vite/commit/4f1c35bcbb5830290c694aa14b6789e07450f069
+- https://github.com/vitejs/vite/commit/63e2a5d232218f3f8d852056751e609a5367aaec
+- https://github.com/vitejs/vite/commit/e11d24008b97d4ca731ecc1a3b95260a6d12e7e0
+- https://github.com/vitejs/vite
+
+## 实验层
+
+- 仅用于自有资产、测试环境或已明确授权目标。
+- 允许公网可达目标，但必须满足资产归属或明确授权前提。
+- 最小化验证方式: 最小化验证、只读探测、可审计回显、受控注入。
+- 若该案例涉及插件、模块或扩展，应同时检查供应链与升级策略。
+- 禁止场景: 无归属证明或无明确授权的公网目标；知名公共网站或与测试无关的第三方资产；会造成持久破坏、数据越权下载或不可回滚影响的动作
+
+## 修复示例
+
+- [javascript-typescript:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/dependency-upgrade-policy.md)
+- [nodejs:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/nodejs/dependency-upgrade-policy.md)
+- [java:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/java/dependency-upgrade-policy.md)
+- [php:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/php/dependency-upgrade-policy.md)
+- [python:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/python/dependency-upgrade-policy.md)
+- [ruby:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/ruby/dependency-upgrade-policy.md)
+- [csharp:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/csharp/dependency-upgrade-policy.md)
+- [go:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/go/dependency-upgrade-policy.md)
+- [javascript-typescript:file-upload-validation](/Users/x/websafe/05-defense/secure-code/javascript-typescript/file-upload-validation.md)
+- [nodejs:file-upload-validation](/Users/x/websafe/05-defense/secure-code/nodejs/file-upload-validation.md)
+- [java:file-upload-validation](/Users/x/websafe/05-defense/secure-code/java/file-upload-validation.md)
+- [php:file-upload-validation](/Users/x/websafe/05-defense/secure-code/php/file-upload-validation.md)
+- [python:file-upload-validation](/Users/x/websafe/05-defense/secure-code/python/file-upload-validation.md)
+- [ruby:file-upload-validation](/Users/x/websafe/05-defense/secure-code/ruby/file-upload-validation.md)
+- [csharp:file-upload-validation](/Users/x/websafe/05-defense/secure-code/csharp/file-upload-validation.md)
+- [go:file-upload-validation](/Users/x/websafe/05-defense/secure-code/go/file-upload-validation.md)
+- [javascript-typescript:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/javascript-typescript/proxy-trust-boundary.md)
+- [nodejs:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/nodejs/proxy-trust-boundary.md)
+- [java:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/java/proxy-trust-boundary.md)
+- [php:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/php/proxy-trust-boundary.md)
+- [python:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/python/proxy-trust-boundary.md)
+- [ruby:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/ruby/proxy-trust-boundary.md)
+- [csharp:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/csharp/proxy-trust-boundary.md)
+- [go:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/go/proxy-trust-boundary.md)
--- a/07-framework-security/frameworks/vite/cases/vite-cve-2025-58752.md
+++ b/07-framework-security/frameworks/vite/cases/vite-cve-2025-58752.md
@@ -0,0 +1,102 @@
+---
+title: "Vite's `server.fs` settings were not applied to HTML files"
+system_id: "vite"
+category: "frameworks"
+advisory_mode: "core"
+published_date: "2025-09-09T20:54:42Z"
+updated_date: "2026-02-04T04:35:16.287471Z"
+severity: "medium"
+exploit_status: "unknown"
+source_confidence: "official"
+target_types:
+  - "lab-local"
+  - "lab-public"
+  - "authorized-third-party"
+allow_public_validation: "yes, with ownership or explicit authorization"
+authorization_prerequisite: "asset ownership proof or explicit written authorization"
+minimal_validation: "read-only probe, controlled payload, reversible test"
+aliases:
+  - "CVE-2025-58752"
+  - "GHSA-jqfw-vq24-v9c3"
+affected_versions:
+  - "introduced=7.1.0, fixed<7.1.5"
+  - "introduced=7.0.0, fixed<7.0.7"
+  - "introduced=6.0.0, fixed<6.3.6"
+  - "introduced=0, fixed<5.4.20"
+fixed_versions:
+  - "7.1.5"
+  - "7.0.7"
+  - "6.3.6"
+  - "5.4.20"
+secure_code_topics:
+  - "dependency-upgrade-policy"
+  - "file-upload-validation"
+  - "proxy-trust-boundary"
+  - "plugin-extension-trust-policy"
+primary_source: "https://github.com/vitejs/vite/security/advisories/GHSA-jqfw-vq24-v9c3"
+---
+
+# Vite's `server.fs` settings were not applied to HTML files
+
+## 事件层
+
+- Canonical ID: `vite--CVE-2025-58752`
+- 系统: `vite`
+- 严重度: `medium`
+- 来源置信度: `official`
+- 官方主源: https://github.com/vitejs/vite/security/advisories/GHSA-jqfw-vq24-v9c3
+- 影响版本: `introduced=7.1.0, fixed<7.1.5, introduced=7.0.0, fixed<7.0.7, introduced=6.0.0, fixed<6.3.6, introduced=0, fixed<5.4.20`
+- 修复版本: `7.1.5, 7.0.7, 6.3.6, 5.4.20`
+
+## 其他来源
+
+- https://nvd.nist.gov/vuln/detail/CVE-2025-58752
+- https://github.com/vitejs/vite/commit/0ab19ea9fcb66f544328f442cf6e70f7c0528d5f
+- https://github.com/vitejs/vite/commit/14015d794f69accba68798bd0e15135bc51c9c1e
+- https://github.com/vitejs/vite/commit/482000f57f56fe6ff2e905305100cfe03043ddea
+- https://github.com/vitejs/vite/commit/6f01ff4fe072bcfcd4e2a84811772b818cd51fe6
+- https://github.com/vitejs/vite
+- https://github.com/vitejs/vite/blob/v7.1.5/packages/vite/CHANGELOG.md
+
+## 实验层
+
+- 仅用于自有资产、测试环境或已明确授权目标。
+- 允许公网可达目标，但必须满足资产归属或明确授权前提。
+- 最小化验证方式: 最小化验证、只读探测、可审计回显、受控注入。
+- 若该案例涉及插件、模块或扩展，应同时检查供应链与升级策略。
+- 禁止场景: 无归属证明或无明确授权的公网目标；知名公共网站或与测试无关的第三方资产；会造成持久破坏、数据越权下载或不可回滚影响的动作
+
+## 修复示例
+
+- [javascript-typescript:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/dependency-upgrade-policy.md)
+- [nodejs:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/nodejs/dependency-upgrade-policy.md)
+- [java:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/java/dependency-upgrade-policy.md)
+- [php:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/php/dependency-upgrade-policy.md)
+- [python:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/python/dependency-upgrade-policy.md)
+- [ruby:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/ruby/dependency-upgrade-policy.md)
+- [csharp:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/csharp/dependency-upgrade-policy.md)
+- [go:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/go/dependency-upgrade-policy.md)
+- [javascript-typescript:file-upload-validation](/Users/x/websafe/05-defense/secure-code/javascript-typescript/file-upload-validation.md)
+- [nodejs:file-upload-validation](/Users/x/websafe/05-defense/secure-code/nodejs/file-upload-validation.md)
+- [java:file-upload-validation](/Users/x/websafe/05-defense/secure-code/java/file-upload-validation.md)
+- [php:file-upload-validation](/Users/x/websafe/05-defense/secure-code/php/file-upload-validation.md)
+- [python:file-upload-validation](/Users/x/websafe/05-defense/secure-code/python/file-upload-validation.md)
+- [ruby:file-upload-validation](/Users/x/websafe/05-defense/secure-code/ruby/file-upload-validation.md)
+- [csharp:file-upload-validation](/Users/x/websafe/05-defense/secure-code/csharp/file-upload-validation.md)
+- [go:file-upload-validation](/Users/x/websafe/05-defense/secure-code/go/file-upload-validation.md)
+- [javascript-typescript:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/javascript-typescript/proxy-trust-boundary.md)
+- [nodejs:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/nodejs/proxy-trust-boundary.md)
+- [java:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/java/proxy-trust-boundary.md)
+- [php:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/php/proxy-trust-boundary.md)
+- [python:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/python/proxy-trust-boundary.md)
+- [ruby:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/ruby/proxy-trust-boundary.md)
+- [csharp:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/csharp/proxy-trust-boundary.md)
+- [go:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/go/proxy-trust-boundary.md)
+- [javascript-typescript:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/plugin-extension-trust-policy.md)
+- [nodejs:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/nodejs/plugin-extension-trust-policy.md)
+- [java:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/java/plugin-extension-trust-policy.md)
+- [php:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/php/plugin-extension-trust-policy.md)
+- [python:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/python/plugin-extension-trust-policy.md)
+- [ruby:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/ruby/plugin-extension-trust-policy.md)
+- [csharp:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/csharp/plugin-extension-trust-policy.md)
+- [go:plugin-extension-trust-policy](/Users/x/websafe/05-defense/secure-code/go/plugin-extension-trust-policy.md)
--- a/07-framework-security/frameworks/vite/cases/vite-cve-2025-62522.md
+++ b/07-framework-security/frameworks/vite/cases/vite-cve-2025-62522.md
@@ -0,0 +1,92 @@
+---
+title: "vite allows server.fs.deny bypass via backslash on Windows"
+system_id: "vite"
+category: "frameworks"
+advisory_mode: "core"
+published_date: "2025-10-20T19:54:28Z"
+updated_date: "2026-02-04T04:13:38.886554Z"
+severity: "medium"
+exploit_status: "unknown"
+source_confidence: "official"
+target_types:
+  - "lab-local"
+  - "lab-public"
+  - "authorized-third-party"
+allow_public_validation: "yes, with ownership or explicit authorization"
+authorization_prerequisite: "asset ownership proof or explicit written authorization"
+minimal_validation: "read-only probe, controlled payload, reversible test"
+aliases:
+  - "CVE-2025-62522"
+  - "GHSA-93m4-6634-74q7"
+affected_versions:
+  - "introduced=7.1.0, fixed<7.1.11"
+  - "introduced=7.0.0, fixed<7.0.8"
+  - "introduced=6.0.0, fixed<6.4.1"
+  - "introduced=2.9.18, fixed<5.4.21"
+  - "introduced=3.2.9, fixed<5.4.21"
+  - "introduced=4.5.3, fixed<5.4.21"
+  - "introduced=5.2.6, fixed<5.4.21"
+fixed_versions:
+  - "7.1.11"
+  - "7.0.8"
+  - "6.4.1"
+  - "5.4.21"
+secure_code_topics:
+  - "dependency-upgrade-policy"
+  - "file-upload-validation"
+  - "proxy-trust-boundary"
+primary_source: "https://github.com/vitejs/vite/security/advisories/GHSA-93m4-6634-74q7"
+---
+
+# vite allows server.fs.deny bypass via backslash on Windows
+
+## 事件层
+
+- Canonical ID: `vite--CVE-2025-62522`
+- 系统: `vite`
+- 严重度: `medium`
+- 来源置信度: `official`
+- 官方主源: https://github.com/vitejs/vite/security/advisories/GHSA-93m4-6634-74q7
+- 影响版本: `introduced=7.1.0, fixed<7.1.11, introduced=7.0.0, fixed<7.0.8, introduced=6.0.0, fixed<6.4.1, introduced=2.9.18, fixed<5.4.21, introduced=3.2.9, fixed<5.4.21, introduced=4.5.3, fixed<5.4.21, introduced=5.2.6, fixed<5.4.21`
+- 修复版本: `7.1.11, 7.0.8, 6.4.1, 5.4.21`
+
+## 其他来源
+
+- https://nvd.nist.gov/vuln/detail/CVE-2025-62522
+- https://github.com/vitejs/vite/commit/f479cc57c425ed41ceb434fecebd63931b1ed4ed
+- https://github.com/vitejs/vite
+
+## 实验层
+
+- 仅用于自有资产、测试环境或已明确授权目标。
+- 允许公网可达目标，但必须满足资产归属或明确授权前提。
+- 最小化验证方式: 最小化验证、只读探测、可审计回显、受控注入。
+- 若该案例涉及插件、模块或扩展，应同时检查供应链与升级策略。
+- 禁止场景: 无归属证明或无明确授权的公网目标；知名公共网站或与测试无关的第三方资产；会造成持久破坏、数据越权下载或不可回滚影响的动作
+
+## 修复示例
+
+- [javascript-typescript:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/dependency-upgrade-policy.md)
+- [nodejs:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/nodejs/dependency-upgrade-policy.md)
+- [java:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/java/dependency-upgrade-policy.md)
+- [php:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/php/dependency-upgrade-policy.md)
+- [python:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/python/dependency-upgrade-policy.md)
+- [ruby:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/ruby/dependency-upgrade-policy.md)
+- [csharp:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/csharp/dependency-upgrade-policy.md)
+- [go:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/go/dependency-upgrade-policy.md)
+- [javascript-typescript:file-upload-validation](/Users/x/websafe/05-defense/secure-code/javascript-typescript/file-upload-validation.md)
+- [nodejs:file-upload-validation](/Users/x/websafe/05-defense/secure-code/nodejs/file-upload-validation.md)
+- [java:file-upload-validation](/Users/x/websafe/05-defense/secure-code/java/file-upload-validation.md)
+- [php:file-upload-validation](/Users/x/websafe/05-defense/secure-code/php/file-upload-validation.md)
+- [python:file-upload-validation](/Users/x/websafe/05-defense/secure-code/python/file-upload-validation.md)
+- [ruby:file-upload-validation](/Users/x/websafe/05-defense/secure-code/ruby/file-upload-validation.md)
+- [csharp:file-upload-validation](/Users/x/websafe/05-defense/secure-code/csharp/file-upload-validation.md)
+- [go:file-upload-validation](/Users/x/websafe/05-defense/secure-code/go/file-upload-validation.md)
+- [javascript-typescript:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/javascript-typescript/proxy-trust-boundary.md)
+- [nodejs:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/nodejs/proxy-trust-boundary.md)
+- [java:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/java/proxy-trust-boundary.md)
+- [php:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/php/proxy-trust-boundary.md)
+- [python:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/python/proxy-trust-boundary.md)
+- [ruby:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/ruby/proxy-trust-boundary.md)
+- [csharp:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/csharp/proxy-trust-boundary.md)
+- [go:proxy-trust-boundary](/Users/x/websafe/05-defense/secure-code/go/proxy-trust-boundary.md)