全库 Advisory 完整度报告

生成时间: 2026-03-18T21:16:46+00:00
最新 advisory 完整度: 89/2392 verified-real
合成验证数量: 0
阻塞数量: 0
人工/待补证据数量: 2303
完整度百分比: 3.7%
active source 全绿: 125/125
source open alerts: 0
最近一次 source 全绿: 2026-03-18T21:09:25+00:00

系统覆盖矩阵

系统	总数	verified-real	manual	family 覆盖
adminer	2	0	2	xss(0/2)
adobe-commerce	81	0	81	xss(0/81)
angular	2	0	2	xss(0/2)
apache-httpd	135	0	135	authz-bypass(0/1), file-upload(0/1), proxy-boundary(0/128), ssrf(0/1), xss(0/4)
apache-tomcat	136	0	136	authz-bypass(0/108), file-upload(0/2), path-traversal(0/3), plugin-extension(0/5), proxy-boundary(0/1), session-token(0/4), xss(0/13)
aspnet-core	3	0	3	xss(0/3)
astro	14	0	14	authz-bypass(0/1), file-upload(0/2), path-traversal(0/1), proxy-boundary(0/3), xss(0/7)
caddy	27	0	27	authz-bypass(0/5), file-upload(0/1), proxy-boundary(0/21)
directus	29	0	29	authz-bypass(0/3), file-upload(0/1), session-token(0/24), xss(0/1)
discourse	30	0	30	xss(0/30)
django	82	0	82	xss(0/82)
drupal	70	0	70	xss(0/70)
echo	2	0	2	authz-bypass(0/1), ssrf(0/1)
esbuild	1	0	1	file-upload(0/1)
express	1	0	1	xss(0/1)
fastify	1	0	1	xss(0/1)
flask	1	0	1	xss(0/1)
ghost	23	0	23	xss(0/23)
gin	1	0	1	xss(0/1)
gitea	50	37	13	authz-bypass(3/3), file-upload(2/2), proxy-boundary(26/39), ssrf(1/1), xss(5/5)
gitlab-ce	55	0	55	deserialization(0/55)
grafana	60	0	60	xss(0/60)
hapi	1	0	1	proxy-boundary(0/1)
haproxy	6	0	6	proxy-boundary(0/6)
jenkins	60	0	60	deserialization(0/60)
joomla	100	0	100	xss(0/100)
kibana	41	0	41	xss(0/41)
koa	1	0	1	xss(0/1)
laravel	2	0	2	xss(0/2)
magento-open-source	89	0	89	authz-bypass(0/1), file-upload(0/3), plugin-extension(0/67), sqli(0/1), xss(0/17)
mattermost	20	0	20	xss(0/20)
mediawiki	70	0	70	xss(0/70)
medusa	15	0	15	session-token(0/15)
moodle	40	0	40	xss(0/40)
nestjs	2	0	2	ssrf(0/2)
nextjs	66	26	40	authz-bypass(2/2), deserialization(1/1), proxy-boundary(19/55), request-smuggling(0/3), ssrf(2/2), xss(2/3)
nginx	110	0	110	authz-bypass(0/2), proxy-boundary(0/107), sqli(0/1)
nodejs	8	0	8	ssrf(0/8)
nuxt	28	0	28	proxy-boundary(0/26), xss(0/2)
opencart	100	0	100	deserialization(0/3), plugin-extension(0/69), sqli(0/12), ssrf(0/1), template-injection(0/1), xss(0/14)
openmage	27	0	27	plugin-extension(0/22), xss(0/5)
phpmyadmin	50	0	50	xss(0/50)
prestashop	112	0	112	file-upload(0/1), plugin-extension(0/91), sqli(0/4), xss(0/16)
rails	42	0	42	xss(0/42)
react	21	0	21	xss(0/21)
redmine	50	0	50	xss(0/50)
saleor	24	0	24	plugin-extension(0/1), session-token(0/22), xss(0/1)
shopware	71	0	71	authz-bypass(0/2), deserialization(0/1), plugin-extension(0/55), sqli(0/2), ssrf(0/1), xss(0/10)
spring-boot	2	0	2	authz-bypass(0/1), proxy-boundary(0/1)
spring-framework	11	0	11	authz-bypass(0/1), deserialization(0/9), sqli(0/1)
spring-security	3	0	3	authz-bypass(0/1), proxy-boundary(0/2)
strapi	26	0	26	authz-bypass(0/1), session-token(0/25)
sveltekit	3	0	3	deserialization(0/3)
symfony	9	0	9	xss(0/9)
traefik	43	0	43	authz-bypass(0/3), file-upload(0/2), proxy-boundary(0/37), request-smuggling(0/1)
undici	23	14	9	authz-bypass(0/1), ssrf(14/22)
vite	42	12	30	proxy-boundary(11/39), xss(1/3)
vue	15	0	15	xss(0/15)
webpack	1	0	1	file-upload(0/1)
werkzeug	1	0	1	proxy-boundary(0/1)
woocommerce	111	0	111	xss(0/111)
wordpress	140	0	140	xss(0/140)

历史阻塞项修复纪要

Docker daemon unavailable caused provision-compose-environment blocked-artifact.
Family profiles previously used note-only attack runners and dry-run placeholders.
Baseline and browser steps were skipped when environment readiness was not enforced.
Latest completeness now uses one advisory -> latest run semantics instead of historical run piles.
Source health now counts only status=active sources; retired sources are audited separately with replacement links.

Ingest / Source 健康度

source failures: 0
active sources: 125
green sources: 125
open alerts: 0

剩余风险说明

本报告按 advisory 的最新 run 计算；历史失败 run 仅保留审计价值，不再污染完整度数字。
browser_required=true 的案例必须同时存在基线与攻击后浏览器证据，缺失则不会进入 verified-real。
source collector 健康度单独计数；只有当 failures 归零时，报告与 dashboard 才算真正全绿。

5.6 KiB 原始文件 Blame 文件历史

全库 Advisory 完整度报告

系统覆盖矩阵

历史阻塞项修复纪要

Ingest / Source 健康度

剩余风险说明

5.6 KiB

原始文件 Blame 文件历史