2169 行
69 KiB
YAML
2169 行
69 KiB
YAML
version: 1
|
|
systems:
|
|
- system_id: wordpress
|
|
display_name: WordPress
|
|
category: cms
|
|
tier: history-full
|
|
advisory_modes: [core, plugin]
|
|
official_sources:
|
|
- name: WordPress Security News
|
|
kind: html-links
|
|
url: https://wordpress.org/news/category/security/
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [wordpress, security, release]
|
|
max_items: 40
|
|
- name: NVD WordPress
|
|
kind: nvd-search
|
|
keyword: WordPress
|
|
confidence: official
|
|
advisory_mode: core
|
|
results_per_page: 50
|
|
ecosystem_sources:
|
|
- name: Wordfence Vulnerability Database
|
|
kind: html-links
|
|
url: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/
|
|
confidence: ecosystem-authority
|
|
advisory_mode: plugin
|
|
keywords: [wordpress, plugin]
|
|
max_items: 50
|
|
- name: Patchstack Database
|
|
kind: html-links
|
|
url: https://patchstack.com/database/
|
|
confidence: ecosystem-authority
|
|
advisory_mode: plugin
|
|
keywords: [wordpress, plugin, theme]
|
|
max_items: 50
|
|
- name: WPScan Vulnerability Database
|
|
kind: html-links
|
|
url: https://wpscan.com/blog/
|
|
confidence: ecosystem-authority
|
|
advisory_mode: plugin
|
|
keywords: [wordpress, plugin, vulnerability]
|
|
max_items: 50
|
|
research_sources:
|
|
- name: PortSwigger Research
|
|
kind: html-links
|
|
url: https://portswigger.net/research
|
|
confidence: research
|
|
advisory_mode: core
|
|
keywords: [wordpress]
|
|
max_items: 20
|
|
package_names: []
|
|
cpe_keys: ["wordpress:wordpress"]
|
|
ghsa_keywords: [wordpress, wp-admin, wp-includes]
|
|
kev_keywords: [wordpress]
|
|
output_dir: 07-framework-security/cms/wordpress
|
|
secure_code_topics: [plugin-extension-trust-policy, xss-output-encoding, file-upload-validation, token-cookie-storage]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
extension_markdown_on_high_value: true
|
|
|
|
- system_id: drupal
|
|
display_name: Drupal
|
|
category: cms
|
|
tier: history-full
|
|
advisory_modes: [core, module]
|
|
official_sources:
|
|
- name: Drupal Security Advisories RSS
|
|
kind: rss-feed
|
|
url: https://www.drupal.org/security/rss.xml
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [drupal, sa-core, security]
|
|
max_items: 60
|
|
- name: NVD Drupal
|
|
kind: nvd-search
|
|
keyword: Drupal
|
|
confidence: official
|
|
advisory_mode: core
|
|
results_per_page: 50
|
|
ecosystem_sources:
|
|
- name: Drupal Security Advisories Site
|
|
kind: html-links
|
|
url: https://www.drupal.org/security
|
|
confidence: ecosystem-authority
|
|
advisory_mode: module
|
|
keywords: [drupal, module, sa-contrib]
|
|
max_items: 50
|
|
status: retired
|
|
retired_reason: Drupal security index page became unstable for repeated HTML scraping; RSS + GHSA replacement is used for active monitoring.
|
|
replacement_sources: [Drupal Security Advisories RSS, GHSA Drupal Core]
|
|
- name: GHSA Drupal Core
|
|
kind: ghsa-global
|
|
ecosystem: composer
|
|
confidence: ecosystem-authority
|
|
advisory_mode: core
|
|
status: retired
|
|
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; RSS and NVD remain active replacements.
|
|
replacement_sources: [Drupal Security Advisories RSS, NVD Drupal]
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: composer
|
|
name: drupal/core
|
|
cpe_keys: ["drupal:drupal"]
|
|
ghsa_keywords: [drupal, drupal core]
|
|
kev_keywords: [drupal]
|
|
output_dir: 07-framework-security/cms/drupal
|
|
secure_code_topics: [authz-server-side-recheck, xss-output-encoding, file-upload-validation, plugin-extension-trust-policy]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
extension_markdown_on_high_value: true
|
|
|
|
- system_id: joomla
|
|
display_name: Joomla
|
|
category: cms
|
|
tier: history-full
|
|
advisory_modes: [core, extension]
|
|
official_sources:
|
|
- name: Joomla Security Centre
|
|
kind: html-links
|
|
url: https://developer.joomla.org/security-centre.html
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [joomla, security]
|
|
max_items: 50
|
|
- name: NVD Joomla
|
|
kind: nvd-search
|
|
keyword: Joomla
|
|
confidence: official
|
|
advisory_mode: core
|
|
results_per_page: 50
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names: []
|
|
cpe_keys: ["joomla:joomla!"]
|
|
ghsa_keywords: [joomla]
|
|
kev_keywords: [joomla]
|
|
output_dir: 07-framework-security/cms/joomla
|
|
secure_code_topics: [xss-output-encoding, file-upload-validation, path-traversal-guard, plugin-extension-trust-policy]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
extension_markdown_on_high_value: true
|
|
|
|
- system_id: ghost
|
|
display_name: Ghost
|
|
category: cms
|
|
tier: rolling-24m
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: Ghost GitHub Advisories
|
|
kind: html-links
|
|
url: https://github.com/TryGhost/Ghost/security/advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [ghost]
|
|
max_items: 50
|
|
- name: NVD Ghost
|
|
kind: nvd-search
|
|
keyword: Ghost CMS
|
|
confidence: official
|
|
advisory_mode: core
|
|
results_per_page: 40
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: npm
|
|
name: ghost
|
|
cpe_keys: []
|
|
ghsa_keywords: [ghost]
|
|
kev_keywords: [ghost]
|
|
output_dir: 07-framework-security/cms/ghost
|
|
secure_code_topics: [authz-server-side-recheck, xss-output-encoding, token-cookie-storage]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: strapi
|
|
display_name: Strapi
|
|
category: cms
|
|
tier: rolling-24m
|
|
advisory_modes: [core, plugin]
|
|
official_sources:
|
|
- name: Strapi GitHub Advisories
|
|
kind: html-links
|
|
url: https://github.com/strapi/strapi/security/advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [strapi]
|
|
max_items: 50
|
|
- name: OSV Strapi
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: npm
|
|
name: strapi
|
|
- ecosystem: npm
|
|
name: "@strapi/strapi"
|
|
cpe_keys: []
|
|
ghsa_keywords: [strapi]
|
|
kev_keywords: [strapi]
|
|
output_dir: 07-framework-security/cms/strapi
|
|
secure_code_topics: [authz-server-side-recheck, token-cookie-storage, file-upload-validation]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: directus
|
|
display_name: Directus
|
|
category: cms
|
|
tier: rolling-24m
|
|
advisory_modes: [core, extension]
|
|
official_sources:
|
|
- name: Directus GitHub Advisories
|
|
kind: html-links
|
|
url: https://github.com/directus/directus/security/advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [directus]
|
|
max_items: 50
|
|
- name: OSV Directus
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: npm
|
|
name: directus
|
|
cpe_keys: []
|
|
ghsa_keywords: [directus]
|
|
kev_keywords: [directus]
|
|
output_dir: 07-framework-security/cms/directus
|
|
secure_code_topics: [authz-server-side-recheck, token-cookie-storage, file-upload-validation]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: mediawiki
|
|
display_name: MediaWiki
|
|
category: cms
|
|
tier: rolling-24m
|
|
advisory_modes: [core, extension]
|
|
official_sources:
|
|
- name: MediaWiki Security Releases
|
|
kind: html-links
|
|
url: https://www.mediawiki.org/wiki/Security
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [mediawiki, security]
|
|
max_items: 50
|
|
status: retired
|
|
retired_reason: MediaWiki security page is no longer reachable reliably from the collector path; NVD replacement remains active.
|
|
replacement_sources: [NVD MediaWiki]
|
|
- name: NVD MediaWiki
|
|
kind: nvd-search
|
|
keyword: MediaWiki
|
|
confidence: official
|
|
advisory_mode: core
|
|
results_per_page: 40
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names: []
|
|
cpe_keys: ["mediawiki:mediawiki"]
|
|
ghsa_keywords: [mediawiki]
|
|
kev_keywords: [mediawiki]
|
|
output_dir: 07-framework-security/cms/mediawiki
|
|
secure_code_topics: [xss-output-encoding, authz-server-side-recheck, file-upload-validation]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: moodle
|
|
display_name: Moodle
|
|
category: cms
|
|
tier: rolling-24m
|
|
advisory_modes: [core, plugin]
|
|
official_sources:
|
|
- name: Moodle Security News
|
|
kind: html-links
|
|
url: https://moodle.org/security/
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [moodle, security]
|
|
max_items: 50
|
|
status: retired
|
|
retired_reason: Moodle security page returned repeated 403 responses from the collector path; NVD replacement remains active.
|
|
replacement_sources: [NVD Moodle]
|
|
- name: NVD Moodle
|
|
kind: nvd-search
|
|
keyword: Moodle
|
|
confidence: official
|
|
advisory_mode: core
|
|
results_per_page: 40
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names: []
|
|
cpe_keys: ["moodle:moodle"]
|
|
ghsa_keywords: [moodle]
|
|
kev_keywords: [moodle]
|
|
output_dir: 07-framework-security/cms/moodle
|
|
secure_code_topics: [authz-server-side-recheck, xss-output-encoding, file-upload-validation]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: discourse
|
|
display_name: Discourse
|
|
category: cms
|
|
tier: rolling-24m
|
|
advisory_modes: [core, plugin]
|
|
official_sources:
|
|
- name: Discourse Meta Security
|
|
kind: html-links
|
|
url: https://meta.discourse.org/c/bug/security/40
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [discourse, security]
|
|
max_items: 50
|
|
status: retired
|
|
retired_reason: Meta security category HTML changed and no longer provides stable scrape semantics for health checks.
|
|
replacement_sources: [Discourse Release Notes RSS, GitHub Discourse Advisories]
|
|
- name: Discourse Release Notes RSS
|
|
kind: rss-feed
|
|
url: https://meta.discourse.org/tag/release-notes.rss
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [discourse, security, cve]
|
|
max_items: 60
|
|
- name: GitHub Discourse Advisories
|
|
kind: ghsa-global
|
|
ecosystem: rubygems
|
|
confidence: official
|
|
advisory_mode: core
|
|
status: retired
|
|
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Discourse release feed remains the active official source.
|
|
replacement_sources: [Discourse Release Notes RSS]
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: rubygems
|
|
name: discourse
|
|
cpe_keys: []
|
|
ghsa_keywords: [discourse]
|
|
kev_keywords: [discourse]
|
|
output_dir: 07-framework-security/cms/discourse
|
|
secure_code_topics: [authz-server-side-recheck, xss-output-encoding, plugin-extension-trust-policy]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: adobe-commerce
|
|
display_name: Adobe Commerce
|
|
category: ecommerce
|
|
tier: history-full
|
|
advisory_modes: [core, extension]
|
|
official_sources:
|
|
- name: Adobe Security Bulletins
|
|
kind: html-links
|
|
url: https://helpx.adobe.com/security/products/magento.html
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [adobe commerce, magento, apsb]
|
|
max_items: 60
|
|
status: retired
|
|
retired_reason: Original bulletin index probe was unstable under the old transport path; vendor index replacement uses explicit request policy and parser hints.
|
|
replacement_sources: [Adobe Magento Security Index, NVD Adobe Commerce, GHSA Adobe Commerce]
|
|
- name: Adobe Magento Security Index
|
|
kind: vendor-index
|
|
url: https://helpx.adobe.com/security/products/magento.html
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [adobe commerce, magento, apsb, security]
|
|
max_items: 60
|
|
request_policy:
|
|
user_agent: python-requests/2.31.0
|
|
timeout_seconds: 45
|
|
verify_tls: false
|
|
http_version: "1.1"
|
|
parser_hints:
|
|
keywords: [adobe commerce, magento, apsb, security]
|
|
include_url_patterns: [magento, security, APSB]
|
|
- name: NVD Adobe Commerce
|
|
kind: nvd-search
|
|
keyword: Adobe Commerce
|
|
confidence: official
|
|
advisory_mode: core
|
|
results_per_page: 50
|
|
ecosystem_sources:
|
|
- name: GHSA Adobe Commerce
|
|
kind: ghsa-global
|
|
ecosystem: composer
|
|
confidence: ecosystem-authority
|
|
advisory_mode: core
|
|
status: retired
|
|
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Adobe index and NVD remain active replacements.
|
|
replacement_sources: [Adobe Magento Security Index, NVD Adobe Commerce]
|
|
- name: Sansec Research
|
|
kind: vendor-index
|
|
url: https://sansec.io/research
|
|
confidence: ecosystem-authority
|
|
advisory_mode: extension
|
|
keywords: [magento, adobe commerce]
|
|
max_items: 50
|
|
status: retired
|
|
retired_reason: Research index is too slow for daily active monitoring; GHSA Adobe Commerce provides a stable machine-readable replacement.
|
|
replacement_sources: [GHSA Adobe Commerce, Adobe Magento Security Index]
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: composer
|
|
name: magento/product-community-edition
|
|
- ecosystem: composer
|
|
name: magento/framework
|
|
cpe_keys: ["adobe:commerce", "magento:magento"]
|
|
ghsa_keywords: [magento, adobe commerce]
|
|
kev_keywords: [magento, adobe commerce]
|
|
output_dir: 07-framework-security/ecommerce/adobe-commerce
|
|
secure_code_topics: [authz-server-side-recheck, file-upload-validation, xss-output-encoding, plugin-extension-trust-policy]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
extension_markdown_on_high_value: true
|
|
|
|
- system_id: magento-open-source
|
|
display_name: Magento Open Source
|
|
category: ecommerce
|
|
tier: history-full
|
|
advisory_modes: [core, extension]
|
|
official_sources:
|
|
- name: Magento GitHub Advisories
|
|
kind: html-links
|
|
url: https://github.com/magento/magento2/security/advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [magento]
|
|
max_items: 50
|
|
- name: NVD Magento
|
|
kind: nvd-search
|
|
keyword: Magento
|
|
confidence: official
|
|
advisory_mode: core
|
|
results_per_page: 50
|
|
ecosystem_sources:
|
|
- name: Sansec Research
|
|
kind: html-links
|
|
url: https://sansec.io/research
|
|
confidence: ecosystem-authority
|
|
advisory_mode: extension
|
|
keywords: [magento]
|
|
max_items: 50
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: composer
|
|
name: magento/product-community-edition
|
|
- ecosystem: composer
|
|
name: magento/framework
|
|
cpe_keys: ["magento:magento"]
|
|
ghsa_keywords: [magento]
|
|
kev_keywords: [magento]
|
|
output_dir: 07-framework-security/ecommerce/magento-open-source
|
|
secure_code_topics: [authz-server-side-recheck, file-upload-validation, plugin-extension-trust-policy]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
extension_markdown_on_high_value: true
|
|
|
|
- system_id: openmage
|
|
display_name: OpenMage / Mage-OS
|
|
category: ecommerce
|
|
tier: rolling-24m
|
|
advisory_modes: [core, extension]
|
|
official_sources:
|
|
- name: OpenMage GitHub Advisories
|
|
kind: html-links
|
|
url: https://github.com/OpenMage/magento-lts/security/advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [openmage, mage]
|
|
max_items: 50
|
|
- name: NVD OpenMage
|
|
kind: nvd-search
|
|
keyword: OpenMage
|
|
confidence: official
|
|
advisory_mode: core
|
|
results_per_page: 40
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: composer
|
|
name: openmage/magento-lts
|
|
cpe_keys: []
|
|
ghsa_keywords: [openmage, mage-os]
|
|
kev_keywords: [openmage]
|
|
output_dir: 07-framework-security/ecommerce/openmage
|
|
secure_code_topics: [authz-server-side-recheck, plugin-extension-trust-policy]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: woocommerce
|
|
display_name: WooCommerce
|
|
category: ecommerce
|
|
tier: history-full
|
|
advisory_modes: [core, extension]
|
|
official_sources:
|
|
- name: Woo Developer Advisories
|
|
kind: html-links
|
|
url: https://developer.woocommerce.com/
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [woocommerce, security]
|
|
max_items: 50
|
|
- name: GitHub WooCommerce Advisories
|
|
kind: html-links
|
|
url: https://github.com/woocommerce/woocommerce/security/advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [woocommerce]
|
|
max_items: 50
|
|
ecosystem_sources:
|
|
- name: Patchstack Database
|
|
kind: html-links
|
|
url: https://patchstack.com/database/
|
|
confidence: ecosystem-authority
|
|
advisory_mode: extension
|
|
keywords: [woocommerce]
|
|
max_items: 50
|
|
- name: Wordfence Vulnerability Database
|
|
kind: html-links
|
|
url: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/
|
|
confidence: ecosystem-authority
|
|
advisory_mode: extension
|
|
keywords: [woocommerce]
|
|
max_items: 50
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: npm
|
|
name: "@woocommerce/blocks"
|
|
- ecosystem: composer
|
|
name: woocommerce/woocommerce
|
|
cpe_keys: []
|
|
ghsa_keywords: [woocommerce]
|
|
kev_keywords: [woocommerce]
|
|
output_dir: 07-framework-security/ecommerce/woocommerce
|
|
secure_code_topics: [plugin-extension-trust-policy, xss-output-encoding, authz-server-side-recheck]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
extension_markdown_on_high_value: true
|
|
|
|
- system_id: prestashop
|
|
display_name: PrestaShop
|
|
category: ecommerce
|
|
tier: history-full
|
|
advisory_modes: [core, module]
|
|
official_sources:
|
|
- name: PrestaShop Security Page
|
|
kind: html-links
|
|
url: https://build.prestashop-project.org/news/
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [prestashop, security]
|
|
max_items: 50
|
|
- name: GitHub PrestaShop Advisories
|
|
kind: html-links
|
|
url: https://github.com/PrestaShop/PrestaShop/security/advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [prestashop]
|
|
max_items: 50
|
|
ecosystem_sources:
|
|
- name: Friends Of Presta Security
|
|
kind: html-links
|
|
url: https://security.friendsofpresta.org/
|
|
confidence: ecosystem-authority
|
|
advisory_mode: module
|
|
keywords: [prestashop, module]
|
|
max_items: 50
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: composer
|
|
name: prestashop/prestashop
|
|
cpe_keys: ["prestashop:prestashop"]
|
|
ghsa_keywords: [prestashop]
|
|
kev_keywords: [prestashop]
|
|
output_dir: 07-framework-security/ecommerce/prestashop
|
|
secure_code_topics: [plugin-extension-trust-policy, authz-server-side-recheck, file-upload-validation]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
extension_markdown_on_high_value: true
|
|
|
|
- system_id: shopware
|
|
display_name: Shopware
|
|
category: ecommerce
|
|
tier: history-full
|
|
advisory_modes: [core, extension]
|
|
official_sources:
|
|
- name: Shopware Security Advisories
|
|
kind: html-links
|
|
url: https://github.com/shopware/shopware/security/advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [shopware]
|
|
max_items: 50
|
|
- name: NVD Shopware
|
|
kind: nvd-search
|
|
keyword: Shopware
|
|
confidence: official
|
|
advisory_mode: core
|
|
results_per_page: 40
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: composer
|
|
name: shopware/platform
|
|
cpe_keys: []
|
|
ghsa_keywords: [shopware]
|
|
kev_keywords: [shopware]
|
|
output_dir: 07-framework-security/ecommerce/shopware
|
|
secure_code_topics: [authz-server-side-recheck, plugin-extension-trust-policy, file-upload-validation]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: opencart
|
|
display_name: OpenCart
|
|
category: ecommerce
|
|
tier: history-full
|
|
advisory_modes: [core, extension]
|
|
official_sources:
|
|
- name: OpenCart Releases
|
|
kind: html-links
|
|
url: https://github.com/opencart/opencart/releases
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [opencart]
|
|
max_items: 50
|
|
- name: NVD OpenCart
|
|
kind: nvd-search
|
|
keyword: OpenCart
|
|
confidence: official
|
|
advisory_mode: core
|
|
results_per_page: 50
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: composer
|
|
name: opencart/opencart
|
|
cpe_keys: ["opencart:opencart"]
|
|
ghsa_keywords: [opencart]
|
|
kev_keywords: [opencart]
|
|
output_dir: 07-framework-security/ecommerce/opencart
|
|
secure_code_topics: [authz-server-side-recheck, plugin-extension-trust-policy, file-upload-validation]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: saleor
|
|
display_name: Saleor
|
|
category: ecommerce
|
|
tier: rolling-24m
|
|
advisory_modes: [core, extension]
|
|
official_sources:
|
|
- name: GitHub Saleor Advisories
|
|
kind: html-links
|
|
url: https://github.com/saleor/saleor/security/advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [saleor]
|
|
max_items: 50
|
|
- name: NVD Saleor
|
|
kind: nvd-search
|
|
keyword: Saleor
|
|
confidence: official
|
|
advisory_mode: core
|
|
results_per_page: 40
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: pypi
|
|
name: saleor
|
|
cpe_keys: []
|
|
ghsa_keywords: [saleor]
|
|
kev_keywords: [saleor]
|
|
output_dir: 07-framework-security/ecommerce/saleor
|
|
secure_code_topics: [authz-server-side-recheck, token-cookie-storage]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: medusa
|
|
display_name: Medusa
|
|
category: ecommerce
|
|
tier: rolling-24m
|
|
advisory_modes: [core, extension]
|
|
official_sources:
|
|
- name: GitHub Medusa Advisories
|
|
kind: html-links
|
|
url: https://github.com/medusajs/medusa/security/advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [medusa]
|
|
max_items: 50
|
|
- name: OSV Medusa
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: npm
|
|
name: "@medusajs/medusa"
|
|
cpe_keys: []
|
|
ghsa_keywords: [medusa]
|
|
kev_keywords: [medusa]
|
|
output_dir: 07-framework-security/ecommerce/medusa
|
|
secure_code_topics: [authz-server-side-recheck, token-cookie-storage]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: react
|
|
display_name: React
|
|
category: frameworks
|
|
tier: history-full
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: GitHub React Advisories
|
|
kind: html-links
|
|
url: https://github.com/facebook/react/security/advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [react]
|
|
max_items: 50
|
|
- name: GHSA React
|
|
kind: ghsa-global
|
|
ecosystem: npm
|
|
name: GitHub Global Advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
status: retired
|
|
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; GitHub React Advisories and OSV React remain active replacements.
|
|
replacement_sources: [GitHub React Advisories, OSV React]
|
|
- name: OSV React
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: npm
|
|
name: react
|
|
- ecosystem: npm
|
|
name: react-dom
|
|
cpe_keys: []
|
|
ghsa_keywords: [react, react-dom]
|
|
kev_keywords: [react]
|
|
output_dir: 07-framework-security/frameworks/react
|
|
secure_code_topics: [xss-output-encoding, dom-sink-hardening, csp-trusted-types]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: nextjs
|
|
display_name: Next.js
|
|
category: frameworks
|
|
tier: history-full
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: GitHub Next.js Advisories
|
|
kind: html-links
|
|
url: https://github.com/vercel/next.js/security/advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [next.js, next]
|
|
max_items: 50
|
|
- name: GHSA Next.js
|
|
kind: ghsa-global
|
|
ecosystem: npm
|
|
name: GitHub Global Advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
status: retired
|
|
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; GitHub Next.js Advisories and OSV Next.js remain active replacements.
|
|
replacement_sources: [GitHub Next.js Advisories, OSV Next.js]
|
|
- name: OSV Next.js
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: npm
|
|
name: next
|
|
cpe_keys: []
|
|
ghsa_keywords: [next.js, next]
|
|
kev_keywords: [next]
|
|
output_dir: 07-framework-security/frameworks/nextjs
|
|
secure_code_topics: [authz-server-side-recheck, proxy-trust-boundary, token-cookie-storage]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: vue
|
|
display_name: Vue
|
|
category: frameworks
|
|
tier: history-full
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: Vue Security
|
|
kind: html-links
|
|
url: https://github.com/vuejs/core/security
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [vue]
|
|
max_items: 50
|
|
- name: GHSA Vue
|
|
kind: ghsa-global
|
|
ecosystem: npm
|
|
name: GitHub Global Advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
status: retired
|
|
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Vue Security and OSV Vue remain active replacements.
|
|
replacement_sources: [Vue Security, OSV Vue]
|
|
- name: OSV Vue
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: npm
|
|
name: vue
|
|
- ecosystem: npm
|
|
name: "@vue/compiler-sfc"
|
|
cpe_keys: []
|
|
ghsa_keywords: [vue, vue compiler]
|
|
kev_keywords: [vue]
|
|
output_dir: 07-framework-security/frameworks/vue
|
|
secure_code_topics: [xss-output-encoding, template-injection-guard, csp-trusted-types]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: nuxt
|
|
display_name: Nuxt
|
|
category: frameworks
|
|
tier: history-full
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: Nuxt Security
|
|
kind: html-links
|
|
url: https://github.com/nuxt/nuxt/security/advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [nuxt]
|
|
max_items: 50
|
|
- name: GHSA Nuxt
|
|
kind: ghsa-global
|
|
ecosystem: npm
|
|
name: GitHub Global Advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
status: retired
|
|
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Nuxt Security and OSV Nuxt remain active replacements.
|
|
replacement_sources: [Nuxt Security, OSV Nuxt]
|
|
- name: OSV Nuxt
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: npm
|
|
name: nuxt
|
|
cpe_keys: []
|
|
ghsa_keywords: [nuxt]
|
|
kev_keywords: [nuxt]
|
|
output_dir: 07-framework-security/frameworks/nuxt
|
|
secure_code_topics: [authz-server-side-recheck, proxy-trust-boundary, token-cookie-storage]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: vite
|
|
display_name: Vite
|
|
category: frameworks
|
|
tier: history-full
|
|
advisory_modes: [core, plugin]
|
|
official_sources:
|
|
- name: Vite Security
|
|
kind: html-links
|
|
url: https://github.com/vitejs/vite/security/advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [vite]
|
|
max_items: 50
|
|
- name: GHSA Vite
|
|
kind: ghsa-global
|
|
ecosystem: npm
|
|
name: GitHub Global Advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
status: retired
|
|
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Vite Security and OSV Vite remain active replacements.
|
|
replacement_sources: [Vite Security, OSV Vite]
|
|
- name: OSV Vite
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: npm
|
|
name: vite
|
|
cpe_keys: []
|
|
ghsa_keywords: [vite]
|
|
kev_keywords: [vite]
|
|
output_dir: 07-framework-security/frameworks/vite
|
|
secure_code_topics: [dependency-upgrade-policy, file-upload-validation, proxy-trust-boundary]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: angular
|
|
display_name: Angular
|
|
category: frameworks
|
|
tier: rolling-24m
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: GHSA Angular
|
|
kind: ghsa-global
|
|
ecosystem: npm
|
|
name: GitHub Global Advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
status: retired
|
|
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Angular remains the active replacement source.
|
|
replacement_sources: [OSV Angular]
|
|
- name: OSV Angular
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: npm
|
|
name: "@angular/core"
|
|
- ecosystem: npm
|
|
name: "@angular/compiler"
|
|
cpe_keys: []
|
|
ghsa_keywords: [angular]
|
|
kev_keywords: [angular]
|
|
output_dir: 07-framework-security/frameworks/angular
|
|
secure_code_topics: [xss-output-encoding, template-injection-guard, csp-trusted-types]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: sveltekit
|
|
display_name: SvelteKit
|
|
category: frameworks
|
|
tier: rolling-24m
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: GHSA SvelteKit
|
|
kind: ghsa-global
|
|
ecosystem: npm
|
|
name: GitHub Global Advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
status: retired
|
|
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV SvelteKit remains the active replacement source.
|
|
replacement_sources: [OSV SvelteKit]
|
|
- name: OSV SvelteKit
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: npm
|
|
name: "@sveltejs/kit"
|
|
cpe_keys: []
|
|
ghsa_keywords: [sveltekit, svelte]
|
|
kev_keywords: [sveltekit]
|
|
output_dir: 07-framework-security/frameworks/sveltekit
|
|
secure_code_topics: [authz-server-side-recheck, token-cookie-storage]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: astro
|
|
display_name: Astro
|
|
category: frameworks
|
|
tier: rolling-24m
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: GHSA Astro
|
|
kind: ghsa-global
|
|
ecosystem: npm
|
|
name: GitHub Global Advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
status: retired
|
|
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Astro remains the active replacement source.
|
|
replacement_sources: [OSV Astro]
|
|
- name: OSV Astro
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: npm
|
|
name: astro
|
|
cpe_keys: []
|
|
ghsa_keywords: [astro]
|
|
kev_keywords: [astro]
|
|
output_dir: 07-framework-security/frameworks/astro
|
|
secure_code_topics: [authz-server-side-recheck, csp-trusted-types]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: express
|
|
display_name: Express
|
|
category: frameworks
|
|
tier: rolling-24m
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: GHSA Express
|
|
kind: ghsa-global
|
|
ecosystem: npm
|
|
name: GitHub Global Advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
status: retired
|
|
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Express remains the active replacement source.
|
|
replacement_sources: [OSV Express]
|
|
- name: OSV Express
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: npm
|
|
name: express
|
|
cpe_keys: []
|
|
ghsa_keywords: [express]
|
|
kev_keywords: [express]
|
|
output_dir: 07-framework-security/frameworks/express
|
|
secure_code_topics: [xss-output-encoding, ssrf-url-validation, proxy-trust-boundary]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: nestjs
|
|
display_name: NestJS
|
|
category: frameworks
|
|
tier: rolling-24m
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: GHSA NestJS
|
|
kind: ghsa-global
|
|
ecosystem: npm
|
|
name: GitHub Global Advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
status: retired
|
|
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV NestJS remains the active replacement source.
|
|
replacement_sources: [OSV NestJS]
|
|
- name: OSV NestJS
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: npm
|
|
name: "@nestjs/core"
|
|
cpe_keys: []
|
|
ghsa_keywords: [nestjs]
|
|
kev_keywords: [nestjs]
|
|
output_dir: 07-framework-security/frameworks/nestjs
|
|
secure_code_topics: [authz-server-side-recheck, token-cookie-storage, ssrf-url-validation]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: koa
|
|
display_name: Koa
|
|
category: frameworks
|
|
tier: rolling-24m
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: GHSA Koa
|
|
kind: ghsa-global
|
|
ecosystem: npm
|
|
name: GitHub Global Advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
status: retired
|
|
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Koa remains the active replacement source.
|
|
replacement_sources: [OSV Koa]
|
|
- name: OSV Koa
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: npm
|
|
name: koa
|
|
cpe_keys: []
|
|
ghsa_keywords: [koa]
|
|
kev_keywords: [koa]
|
|
output_dir: 07-framework-security/frameworks/koa
|
|
secure_code_topics: [proxy-trust-boundary, ssrf-url-validation]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: fastify
|
|
display_name: Fastify
|
|
category: frameworks
|
|
tier: rolling-24m
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: GHSA Fastify
|
|
kind: ghsa-global
|
|
ecosystem: npm
|
|
name: GitHub Global Advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
status: retired
|
|
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Fastify remains the active replacement source.
|
|
replacement_sources: [OSV Fastify]
|
|
- name: OSV Fastify
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: npm
|
|
name: fastify
|
|
cpe_keys: []
|
|
ghsa_keywords: [fastify]
|
|
kev_keywords: [fastify]
|
|
output_dir: 07-framework-security/frameworks/fastify
|
|
secure_code_topics: [proxy-trust-boundary, ssrf-url-validation, xss-output-encoding]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: hapi
|
|
display_name: Hapi
|
|
category: frameworks
|
|
tier: rolling-24m
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: GHSA Hapi
|
|
kind: ghsa-global
|
|
ecosystem: npm
|
|
name: GitHub Global Advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
status: retired
|
|
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Hapi remains the active replacement source.
|
|
replacement_sources: [OSV Hapi]
|
|
- name: OSV Hapi
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: npm
|
|
name: "@hapi/hapi"
|
|
cpe_keys: []
|
|
ghsa_keywords: [hapi]
|
|
kev_keywords: [hapi]
|
|
output_dir: 07-framework-security/frameworks/hapi
|
|
secure_code_topics: [proxy-trust-boundary, token-cookie-storage]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: nodejs
|
|
display_name: Node.js
|
|
category: frameworks
|
|
tier: history-full
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: Node.js Security Releases
|
|
kind: html-links
|
|
url: https://nodejs.org/en/blog/vulnerability
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [node.js, security]
|
|
max_items: 60
|
|
- name: CISA KEV Node.js
|
|
kind: kev-json
|
|
url: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [node.js, nodejs]
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names: []
|
|
cpe_keys: ["nodejs:node.js"]
|
|
ghsa_keywords: [nodejs, node.js]
|
|
kev_keywords: [nodejs, node.js]
|
|
output_dir: 07-framework-security/frameworks/nodejs
|
|
secure_code_topics: [ssrf-url-validation, request-smuggling-boundary, dependency-upgrade-policy]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: undici
|
|
display_name: Undici
|
|
category: frameworks
|
|
tier: rolling-24m
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: GHSA Undici
|
|
kind: ghsa-global
|
|
ecosystem: npm
|
|
name: GitHub Global Advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
status: retired
|
|
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV Undici remains the active replacement source.
|
|
replacement_sources: [OSV Undici]
|
|
- name: OSV Undici
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: npm
|
|
name: undici
|
|
cpe_keys: []
|
|
ghsa_keywords: [undici]
|
|
kev_keywords: [undici]
|
|
output_dir: 07-framework-security/frameworks/undici
|
|
secure_code_topics: [ssrf-url-validation, proxy-trust-boundary]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: webpack
|
|
display_name: webpack
|
|
category: frameworks
|
|
tier: rolling-24m
|
|
advisory_modes: [core, plugin]
|
|
official_sources:
|
|
- name: GHSA webpack
|
|
kind: ghsa-global
|
|
ecosystem: npm
|
|
name: GitHub Global Advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
status: retired
|
|
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV webpack remains the active replacement source.
|
|
replacement_sources: [OSV webpack]
|
|
- name: OSV webpack
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: npm
|
|
name: webpack
|
|
cpe_keys: []
|
|
ghsa_keywords: [webpack]
|
|
kev_keywords: [webpack]
|
|
output_dir: 07-framework-security/frameworks/webpack
|
|
secure_code_topics: [dependency-upgrade-policy, file-upload-validation]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: esbuild
|
|
display_name: esbuild
|
|
category: frameworks
|
|
tier: rolling-24m
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: GHSA esbuild
|
|
kind: ghsa-global
|
|
ecosystem: npm
|
|
name: GitHub Global Advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
status: retired
|
|
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; OSV esbuild remains the active replacement source.
|
|
replacement_sources: [OSV esbuild]
|
|
- name: OSV esbuild
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: npm
|
|
name: esbuild
|
|
cpe_keys: []
|
|
ghsa_keywords: [esbuild]
|
|
kev_keywords: [esbuild]
|
|
output_dir: 07-framework-security/frameworks/esbuild
|
|
secure_code_topics: [dependency-upgrade-policy, file-upload-validation]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: spring-framework
|
|
display_name: Spring Framework
|
|
category: frameworks
|
|
tier: rolling-24m
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: Spring Security Advisories
|
|
kind: html-links
|
|
url: https://spring.io/security
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [spring framework, cve]
|
|
max_items: 50
|
|
- name: GHSA Spring Framework
|
|
kind: ghsa-global
|
|
ecosystem: maven
|
|
name: GitHub Global Advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
status: retired
|
|
retired_reason: Unauthenticated GHSA API requests are rate-limited in daily monitoring; Spring Security Advisories remains the active replacement source.
|
|
replacement_sources: [Spring Security Advisories]
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: Maven
|
|
name: org.springframework:spring-web
|
|
- ecosystem: Maven
|
|
name: org.springframework:spring-core
|
|
cpe_keys: ["vmware:spring_framework"]
|
|
ghsa_keywords: [spring framework]
|
|
kev_keywords: [spring]
|
|
output_dir: 07-framework-security/frameworks/spring-framework
|
|
secure_code_topics: [authz-server-side-recheck, path-traversal-guard, deserialization-safety]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: spring-security
|
|
display_name: Spring Security
|
|
category: frameworks
|
|
tier: rolling-24m
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: Spring Security Advisories
|
|
kind: html-links
|
|
url: https://spring.io/security
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [spring security]
|
|
max_items: 50
|
|
- name: GHSA Spring Security
|
|
kind: ghsa-global
|
|
ecosystem: maven
|
|
name: GitHub Global Advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
status: retired
|
|
retired_reason: Unauthenticated GitHub advisory API is quota-limited; Spring official security page remains the active source.
|
|
replacement_sources: [Spring Security Advisories]
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: Maven
|
|
name: org.springframework.security:spring-security-web
|
|
cpe_keys: []
|
|
ghsa_keywords: [spring security]
|
|
kev_keywords: [spring security]
|
|
output_dir: 07-framework-security/frameworks/spring-security
|
|
secure_code_topics: [authz-server-side-recheck, token-cookie-storage, proxy-trust-boundary]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: spring-boot
|
|
display_name: Spring Boot
|
|
category: frameworks
|
|
tier: rolling-24m
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: Spring Security Advisories
|
|
kind: html-links
|
|
url: https://spring.io/security
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [spring boot]
|
|
max_items: 50
|
|
- name: GHSA Spring Boot
|
|
kind: ghsa-global
|
|
ecosystem: maven
|
|
name: GitHub Global Advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
status: retired
|
|
retired_reason: Unauthenticated GitHub advisory API is quota-limited; Spring official security page remains the active source.
|
|
replacement_sources: [Spring Security Advisories]
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: Maven
|
|
name: org.springframework.boot:spring-boot
|
|
cpe_keys: []
|
|
ghsa_keywords: [spring boot]
|
|
kev_keywords: [spring boot]
|
|
output_dir: 07-framework-security/frameworks/spring-boot
|
|
secure_code_topics: [proxy-trust-boundary, authz-server-side-recheck]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: laravel
|
|
display_name: Laravel
|
|
category: frameworks
|
|
tier: rolling-24m
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: GHSA Laravel
|
|
kind: ghsa-global
|
|
ecosystem: composer
|
|
name: GitHub Global Advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
status: retired
|
|
retired_reason: Unauthenticated GitHub advisory API is quota-limited; OSV Laravel remains the active machine-readable source.
|
|
replacement_sources: [OSV Laravel]
|
|
- name: OSV Laravel
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: Packagist
|
|
name: laravel/framework
|
|
cpe_keys: []
|
|
ghsa_keywords: [laravel]
|
|
kev_keywords: [laravel]
|
|
output_dir: 07-framework-security/frameworks/laravel
|
|
secure_code_topics: [xss-output-encoding, authz-server-side-recheck, file-upload-validation]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: symfony
|
|
display_name: Symfony
|
|
category: frameworks
|
|
tier: rolling-24m
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: GHSA Symfony
|
|
kind: ghsa-global
|
|
ecosystem: composer
|
|
name: GitHub Global Advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
status: retired
|
|
retired_reason: Unauthenticated GitHub advisory API is quota-limited; OSV Symfony remains the active machine-readable source.
|
|
replacement_sources: [OSV Symfony]
|
|
- name: OSV Symfony
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: Packagist
|
|
name: symfony/symfony
|
|
- ecosystem: Packagist
|
|
name: symfony/http-kernel
|
|
cpe_keys: []
|
|
ghsa_keywords: [symfony]
|
|
kev_keywords: [symfony]
|
|
output_dir: 07-framework-security/frameworks/symfony
|
|
secure_code_topics: [xss-output-encoding, authz-server-side-recheck, path-traversal-guard]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: django
|
|
display_name: Django
|
|
category: frameworks
|
|
tier: rolling-24m
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: Django Security RSS
|
|
kind: rss-feed
|
|
url: https://www.djangoproject.com/weblog/feeds/tags/security/
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [django]
|
|
max_items: 60
|
|
status: retired
|
|
retired_reason: Official security tag feed became unstable; use official weblog index and release archive instead.
|
|
replacement_sources: [Django Security Weblog, Django Security Releases Archive]
|
|
- name: Django Security Weblog
|
|
kind: vendor-index
|
|
url: https://www.djangoproject.com/weblog/
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [django, security, release]
|
|
max_items: 60
|
|
parser_hints:
|
|
keywords: [django, security, release]
|
|
include_url_patterns: [/weblog/]
|
|
- name: Django Security Releases Archive
|
|
kind: vendor-index
|
|
url: https://docs.djangoproject.com/en/dev/releases/security/
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [django, security]
|
|
max_items: 40
|
|
parser_hints:
|
|
keywords: [django, security]
|
|
include_url_patterns: [/releases/security/]
|
|
- name: OSV Django
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: PyPI
|
|
name: django
|
|
cpe_keys: ["djangoproject:django"]
|
|
ghsa_keywords: [django]
|
|
kev_keywords: [django]
|
|
output_dir: 07-framework-security/frameworks/django
|
|
secure_code_topics: [xss-output-encoding, path-traversal-guard, file-upload-validation]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: flask
|
|
display_name: Flask
|
|
category: frameworks
|
|
tier: rolling-24m
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: OSV Flask
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
- name: GHSA Flask
|
|
kind: ghsa-global
|
|
ecosystem: pip
|
|
name: GitHub Global Advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
status: retired
|
|
retired_reason: Unauthenticated GitHub advisory API is quota-limited; OSV Flask remains the active machine-readable source.
|
|
replacement_sources: [OSV Flask]
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: PyPI
|
|
name: flask
|
|
cpe_keys: []
|
|
ghsa_keywords: [flask]
|
|
kev_keywords: [flask]
|
|
output_dir: 07-framework-security/frameworks/flask
|
|
secure_code_topics: [xss-output-encoding, ssrf-url-validation, token-cookie-storage]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: werkzeug
|
|
display_name: Werkzeug
|
|
category: frameworks
|
|
tier: rolling-24m
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: OSV Werkzeug
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
- name: GHSA Werkzeug
|
|
kind: ghsa-global
|
|
ecosystem: pip
|
|
name: GitHub Global Advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
status: retired
|
|
retired_reason: Unauthenticated GitHub advisory API is quota-limited; OSV Werkzeug remains the active machine-readable source.
|
|
replacement_sources: [OSV Werkzeug]
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: PyPI
|
|
name: werkzeug
|
|
cpe_keys: []
|
|
ghsa_keywords: [werkzeug]
|
|
kev_keywords: [werkzeug]
|
|
output_dir: 07-framework-security/frameworks/werkzeug
|
|
secure_code_topics: [proxy-trust-boundary, request-smuggling-boundary]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: rails
|
|
display_name: Ruby on Rails
|
|
category: frameworks
|
|
tier: rolling-24m
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: GHSA Rails
|
|
kind: ghsa-global
|
|
ecosystem: rubygems
|
|
name: GitHub Global Advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
status: retired
|
|
retired_reason: Unauthenticated GitHub advisory API is quota-limited; OSV Rails remains the active machine-readable source.
|
|
replacement_sources: [OSV Rails]
|
|
- name: OSV Rails
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: RubyGems
|
|
name: rails
|
|
cpe_keys: []
|
|
ghsa_keywords: [rails]
|
|
kev_keywords: [rails]
|
|
output_dir: 07-framework-security/frameworks/rails
|
|
secure_code_topics: [xss-output-encoding, file-upload-validation, authz-server-side-recheck]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: aspnet-core
|
|
display_name: ASP.NET Core
|
|
category: frameworks
|
|
tier: rolling-24m
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: NVD ASP.NET Core
|
|
kind: nvd-search
|
|
keyword: ASP.NET Core
|
|
confidence: official
|
|
advisory_mode: core
|
|
results_per_page: 40
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names: []
|
|
cpe_keys: ["microsoft:asp.net_core"]
|
|
ghsa_keywords: [asp.net core]
|
|
kev_keywords: [asp.net core]
|
|
output_dir: 07-framework-security/frameworks/aspnet-core
|
|
secure_code_topics: [authz-server-side-recheck, xss-output-encoding, file-upload-validation]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: gin
|
|
display_name: Gin
|
|
category: frameworks
|
|
tier: rolling-24m
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: OSV Gin
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: Go
|
|
name: github.com/gin-gonic/gin
|
|
cpe_keys: []
|
|
ghsa_keywords: [gin]
|
|
kev_keywords: [gin]
|
|
output_dir: 07-framework-security/frameworks/gin
|
|
secure_code_topics: [proxy-trust-boundary, xss-output-encoding]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: echo
|
|
display_name: Echo
|
|
category: frameworks
|
|
tier: rolling-24m
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: OSV Echo
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: Go
|
|
name: github.com/labstack/echo/v4
|
|
cpe_keys: []
|
|
ghsa_keywords: [echo]
|
|
kev_keywords: [echo]
|
|
output_dir: 07-framework-security/frameworks/echo
|
|
secure_code_topics: [proxy-trust-boundary, token-cookie-storage]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: nginx
|
|
display_name: Nginx
|
|
category: servers
|
|
tier: history-full
|
|
advisory_modes: [server]
|
|
official_sources:
|
|
- name: NGINX Security Advisories
|
|
kind: html-links
|
|
url: https://nginx.org/en/security_advisories.html
|
|
confidence: official
|
|
advisory_mode: server
|
|
keywords: [nginx, security]
|
|
max_items: 60
|
|
- name: NVD NGINX
|
|
kind: nvd-search
|
|
keyword: NGINX
|
|
confidence: official
|
|
advisory_mode: server
|
|
results_per_page: 50
|
|
- name: CISA KEV NGINX
|
|
kind: kev-json
|
|
url: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
|
|
confidence: official
|
|
advisory_mode: server
|
|
keywords: [nginx]
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names: []
|
|
cpe_keys: ["f5:nginx", "nginx:nginx"]
|
|
ghsa_keywords: [nginx]
|
|
kev_keywords: [nginx]
|
|
output_dir: 07-framework-security/servers/nginx
|
|
secure_code_topics: [proxy-trust-boundary, request-smuggling-boundary, csp-trusted-types]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: apache-httpd
|
|
display_name: Apache HTTP Server
|
|
category: servers
|
|
tier: history-full
|
|
advisory_modes: [server]
|
|
official_sources:
|
|
- name: Apache HTTPD Security
|
|
kind: html-links
|
|
url: https://httpd.apache.org/security/vulnerabilities_24.html
|
|
confidence: official
|
|
advisory_mode: server
|
|
keywords: [apache, http server, cve]
|
|
max_items: 80
|
|
- name: CISA KEV Apache HTTPD
|
|
kind: kev-json
|
|
url: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
|
|
confidence: official
|
|
advisory_mode: server
|
|
keywords: [apache http server]
|
|
- name: NVD Apache HTTP Server
|
|
kind: nvd-search
|
|
keyword: Apache HTTP Server
|
|
confidence: official
|
|
advisory_mode: server
|
|
results_per_page: 50
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names: []
|
|
cpe_keys: ["apache:http_server"]
|
|
ghsa_keywords: [apache http server, httpd]
|
|
kev_keywords: [apache http server, httpd]
|
|
output_dir: 07-framework-security/servers/apache-httpd
|
|
secure_code_topics: [request-smuggling-boundary, proxy-trust-boundary, path-traversal-guard]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: apache-tomcat
|
|
display_name: Apache Tomcat
|
|
category: servers
|
|
tier: history-full
|
|
advisory_modes: [server]
|
|
official_sources:
|
|
- name: Apache Tomcat Security
|
|
kind: html-links
|
|
url: https://tomcat.apache.org/security-10.html
|
|
confidence: official
|
|
advisory_mode: server
|
|
keywords: [tomcat, cve]
|
|
max_items: 80
|
|
- name: CISA KEV Tomcat
|
|
kind: kev-json
|
|
url: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
|
|
confidence: official
|
|
advisory_mode: server
|
|
keywords: [tomcat]
|
|
- name: NVD Tomcat
|
|
kind: nvd-search
|
|
keyword: Apache Tomcat
|
|
confidence: official
|
|
advisory_mode: server
|
|
results_per_page: 50
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names: []
|
|
cpe_keys: ["apache:tomcat"]
|
|
ghsa_keywords: [tomcat]
|
|
kev_keywords: [tomcat]
|
|
output_dir: 07-framework-security/servers/apache-tomcat
|
|
secure_code_topics: [request-smuggling-boundary, authz-server-side-recheck, path-traversal-guard]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: caddy
|
|
display_name: Caddy
|
|
category: servers
|
|
tier: rolling-24m
|
|
advisory_modes: [server]
|
|
official_sources:
|
|
- name: GitHub Caddy Advisories
|
|
kind: html-links
|
|
url: https://github.com/caddyserver/caddy/security/advisories
|
|
confidence: official
|
|
advisory_mode: server
|
|
keywords: [caddy]
|
|
max_items: 50
|
|
- name: OSV Caddy
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: server
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: Go
|
|
name: github.com/caddyserver/caddy/v2
|
|
cpe_keys: []
|
|
ghsa_keywords: [caddy]
|
|
kev_keywords: [caddy]
|
|
output_dir: 07-framework-security/servers/caddy
|
|
secure_code_topics: [proxy-trust-boundary, request-smuggling-boundary]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: traefik
|
|
display_name: Traefik
|
|
category: servers
|
|
tier: rolling-24m
|
|
advisory_modes: [server]
|
|
official_sources:
|
|
- name: GitHub Traefik Advisories
|
|
kind: html-links
|
|
url: https://github.com/traefik/traefik/security/advisories
|
|
confidence: official
|
|
advisory_mode: server
|
|
keywords: [traefik]
|
|
max_items: 50
|
|
- name: OSV Traefik
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: server
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: Go
|
|
name: github.com/traefik/traefik/v3
|
|
cpe_keys: []
|
|
ghsa_keywords: [traefik]
|
|
kev_keywords: [traefik]
|
|
output_dir: 07-framework-security/servers/traefik
|
|
secure_code_topics: [proxy-trust-boundary, request-smuggling-boundary]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: haproxy
|
|
display_name: HAProxy
|
|
category: servers
|
|
tier: rolling-24m
|
|
advisory_modes: [server]
|
|
official_sources:
|
|
- name: HAProxy Security Advisories
|
|
kind: html-links
|
|
url: https://www.haproxy.org/security/
|
|
confidence: official
|
|
advisory_mode: server
|
|
keywords: [haproxy, security]
|
|
max_items: 50
|
|
status: retired
|
|
retired_reason: Legacy haproxy.org security page no longer yields stable scrape results for monitoring.
|
|
replacement_sources: [HAProxy Blog Feed]
|
|
- name: HAProxy Blog Feed
|
|
kind: rss-feed
|
|
url: https://www.haproxy.com/feed/
|
|
confidence: official
|
|
advisory_mode: server
|
|
keywords: [haproxy, security, cve]
|
|
max_items: 40
|
|
- name: NVD HAProxy
|
|
kind: nvd-search
|
|
keyword: HAProxy
|
|
confidence: official
|
|
advisory_mode: server
|
|
results_per_page: 40
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names: []
|
|
cpe_keys: ["haproxy:haproxy"]
|
|
ghsa_keywords: [haproxy]
|
|
kev_keywords: [haproxy]
|
|
output_dir: 07-framework-security/servers/haproxy
|
|
secure_code_topics: [proxy-trust-boundary, request-smuggling-boundary]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: phpmyadmin
|
|
display_name: phpMyAdmin
|
|
category: platforms
|
|
tier: rolling-24m
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: phpMyAdmin Security Page
|
|
kind: html-links
|
|
url: https://www.phpmyadmin.net/security/
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [phpmyadmin]
|
|
max_items: 50
|
|
- name: NVD phpMyAdmin
|
|
kind: nvd-search
|
|
keyword: phpMyAdmin
|
|
confidence: official
|
|
advisory_mode: core
|
|
results_per_page: 40
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: Packagist
|
|
name: phpmyadmin/phpmyadmin
|
|
cpe_keys: ["phpmyadmin:phpmyadmin"]
|
|
ghsa_keywords: [phpmyadmin]
|
|
kev_keywords: [phpmyadmin]
|
|
output_dir: 07-framework-security/platforms/phpmyadmin
|
|
secure_code_topics: [xss-output-encoding, authz-server-side-recheck, path-traversal-guard]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: adminer
|
|
display_name: Adminer
|
|
category: platforms
|
|
tier: rolling-24m
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: NVD Adminer
|
|
kind: nvd-search
|
|
keyword: Adminer
|
|
confidence: official
|
|
advisory_mode: core
|
|
results_per_page: 40
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names: []
|
|
cpe_keys: ["adminer:adminer"]
|
|
ghsa_keywords: [adminer]
|
|
kev_keywords: [adminer]
|
|
output_dir: 07-framework-security/platforms/adminer
|
|
secure_code_topics: [xss-output-encoding, authz-server-side-recheck]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: gitea
|
|
display_name: Gitea
|
|
category: platforms
|
|
tier: rolling-24m
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: GitHub Gitea Advisories
|
|
kind: html-links
|
|
url: https://github.com/go-gitea/gitea/security/advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [gitea]
|
|
max_items: 50
|
|
- name: OSV Gitea
|
|
kind: osv-batch
|
|
confidence: official
|
|
advisory_mode: core
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: Go
|
|
name: code.gitea.io/gitea
|
|
cpe_keys: []
|
|
ghsa_keywords: [gitea]
|
|
kev_keywords: [gitea]
|
|
output_dir: 07-framework-security/platforms/gitea
|
|
secure_code_topics: [authz-server-side-recheck, token-cookie-storage, proxy-trust-boundary]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: gitlab-ce
|
|
display_name: GitLab CE
|
|
category: platforms
|
|
tier: rolling-24m
|
|
advisory_modes: [core]
|
|
official_sources:
|
|
- name: GitLab Security Releases
|
|
kind: html-links
|
|
url: https://about.gitlab.com/releases/categories/releases/
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [security release, gitlab]
|
|
max_items: 50
|
|
- name: NVD GitLab
|
|
kind: nvd-search
|
|
keyword: GitLab CE
|
|
confidence: official
|
|
advisory_mode: core
|
|
results_per_page: 40
|
|
ecosystem_sources:
|
|
- name: GitLab Advisory Database
|
|
kind: html-links
|
|
url: https://gitlab.com/gitlab-org/advisories-community
|
|
confidence: ecosystem-authority
|
|
advisory_mode: core
|
|
keywords: [gitlab]
|
|
max_items: 50
|
|
research_sources: []
|
|
package_names: []
|
|
cpe_keys: ["gitlab:gitlab"]
|
|
ghsa_keywords: [gitlab]
|
|
kev_keywords: [gitlab]
|
|
output_dir: 07-framework-security/platforms/gitlab-ce
|
|
secure_code_topics: [authz-server-side-recheck, token-cookie-storage, deserialization-safety]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: jenkins
|
|
display_name: Jenkins
|
|
category: platforms
|
|
tier: rolling-24m
|
|
advisory_modes: [core, plugin]
|
|
official_sources:
|
|
- name: Jenkins Security Advisories
|
|
kind: html-links
|
|
url: https://www.jenkins.io/security/advisories/
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [jenkins]
|
|
max_items: 60
|
|
- name: NVD Jenkins
|
|
kind: nvd-search
|
|
keyword: Jenkins
|
|
confidence: official
|
|
advisory_mode: core
|
|
results_per_page: 40
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names: []
|
|
cpe_keys: ["jenkins:jenkins"]
|
|
ghsa_keywords: [jenkins]
|
|
kev_keywords: [jenkins]
|
|
output_dir: 07-framework-security/platforms/jenkins
|
|
secure_code_topics: [plugin-extension-trust-policy, authz-server-side-recheck, deserialization-safety]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
extension_markdown_on_high_value: true
|
|
|
|
- system_id: grafana
|
|
display_name: Grafana
|
|
category: platforms
|
|
tier: rolling-24m
|
|
advisory_modes: [core, plugin]
|
|
official_sources:
|
|
- name: Grafana Security Advisories
|
|
kind: html-links
|
|
url: https://grafana.com/security/security-advisories/
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [grafana]
|
|
max_items: 60
|
|
- name: CISA KEV Grafana
|
|
kind: kev-json
|
|
url: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [grafana]
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names: []
|
|
cpe_keys: ["grafana:grafana"]
|
|
ghsa_keywords: [grafana]
|
|
kev_keywords: [grafana]
|
|
output_dir: 07-framework-security/platforms/grafana
|
|
secure_code_topics: [authz-server-side-recheck, plugin-extension-trust-policy, xss-output-encoding]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: kibana
|
|
display_name: Kibana
|
|
category: platforms
|
|
tier: rolling-24m
|
|
advisory_modes: [core, plugin]
|
|
official_sources:
|
|
- name: Elastic Security Announcements
|
|
kind: html-links
|
|
url: https://discuss.elastic.co/c/announcements/security-announcements/31
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [kibana, elastic, security]
|
|
max_items: 60
|
|
- name: NVD Kibana
|
|
kind: nvd-search
|
|
keyword: Kibana
|
|
confidence: official
|
|
advisory_mode: core
|
|
results_per_page: 40
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names: []
|
|
cpe_keys: ["elastic:kibana"]
|
|
ghsa_keywords: [kibana]
|
|
kev_keywords: [kibana]
|
|
output_dir: 07-framework-security/platforms/kibana
|
|
secure_code_topics: [authz-server-side-recheck, xss-output-encoding, proxy-trust-boundary]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: mattermost
|
|
display_name: Mattermost
|
|
category: platforms
|
|
tier: rolling-24m
|
|
advisory_modes: [core, plugin]
|
|
official_sources:
|
|
- name: Mattermost Security Updates
|
|
kind: html-links
|
|
url: https://mattermost.com/security-updates/
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [mattermost]
|
|
max_items: 50
|
|
status: retired
|
|
retired_reason: Mattermost security updates page returned repeated 403 responses from the collector path; NVD replacement remains active.
|
|
replacement_sources: [NVD Mattermost]
|
|
- name: NVD Mattermost
|
|
kind: nvd-search
|
|
keyword: Mattermost
|
|
confidence: official
|
|
advisory_mode: core
|
|
results_per_page: 40
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names: []
|
|
cpe_keys: ["mattermost:mattermost"]
|
|
ghsa_keywords: [mattermost]
|
|
kev_keywords: [mattermost]
|
|
output_dir: 07-framework-security/platforms/mattermost
|
|
secure_code_topics: [authz-server-side-recheck, xss-output-encoding, token-cookie-storage]
|
|
render_policy:
|
|
core_always_markdown: true
|
|
|
|
- system_id: redmine
|
|
display_name: Redmine
|
|
category: platforms
|
|
tier: rolling-24m
|
|
advisory_modes: [core, plugin]
|
|
official_sources:
|
|
- name: Redmine Security Advisories
|
|
kind: html-links
|
|
url: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
|
|
confidence: official
|
|
advisory_mode: core
|
|
keywords: [redmine]
|
|
max_items: 50
|
|
- name: NVD Redmine
|
|
kind: nvd-search
|
|
keyword: Redmine
|
|
confidence: official
|
|
advisory_mode: core
|
|
results_per_page: 40
|
|
ecosystem_sources: []
|
|
research_sources: []
|
|
package_names:
|
|
- ecosystem: RubyGems
|
|
name: redmine
|
|
cpe_keys: ["redmine:redmine"]
|
|
ghsa_keywords: [redmine]
|
|
kev_keywords: [redmine]
|
|
output_dir: 07-framework-security/platforms/redmine
|
|
secure_code_topics: [authz-server-side-recheck, xss-output-encoding, plugin-extension-trust-policy]
|
|
render_policy:
|
|
core_always_markdown: true
|