61 行
2.6 KiB
Markdown
61 行
2.6 KiB
Markdown
# 全库 Advisory 完整度报告
|
|
|
|
- 生成时间: `2026-03-18T14:45:55+00:00`
|
|
- 最新 advisory 完整度: `0/5` `verified-real`
|
|
- 合成验证数量: `0`
|
|
- 阻塞数量: `0`
|
|
- 人工/待补证据数量: `5`
|
|
- 完整度百分比: `0.0%`
|
|
|
|
## 系统覆盖矩阵
|
|
|
|
| 系统 | 总数 | verified-real | verified-synthetic | blocked | manual | family 覆盖 |
|
|
| --- | ---: | ---: | ---: | ---: | ---: | --- |
|
|
| nextjs | 5 | 0 | 0 | 0 | 5 | proxy-boundary(0/4), request-smuggling(0/1) |
|
|
|
|
## 历史阻塞项修复纪要
|
|
|
|
- Docker daemon unavailable caused provision-compose-environment blocked-artifact.
|
|
- Family profiles previously used note-only attack runners and dry-run placeholders.
|
|
- Baseline and browser steps were skipped when environment readiness was not enforced.
|
|
- Latest completeness now uses one advisory -> latest run semantics instead of historical run piles.
|
|
|
|
## Ingest / Source 健康度
|
|
|
|
- source failures: `29`
|
|
- drupal::Drupal Security Advisories Site::HTTPError
|
|
- discourse::Discourse Meta Security::HTTPError
|
|
- adobe-commerce::Adobe Security Bulletins::ConnectionError
|
|
- react::GitHub Global Advisories::TypeError
|
|
- nextjs::GitHub Global Advisories::AttributeError
|
|
- vue::GitHub Global Advisories::HTTPError
|
|
- nuxt::GitHub Global Advisories::HTTPError
|
|
- vite::GitHub Global Advisories::HTTPError
|
|
- angular::GitHub Global Advisories::HTTPError
|
|
- sveltekit::GitHub Global Advisories::HTTPError
|
|
- astro::GitHub Global Advisories::HTTPError
|
|
- express::GitHub Global Advisories::HTTPError
|
|
- nestjs::GitHub Global Advisories::HTTPError
|
|
- koa::GitHub Global Advisories::HTTPError
|
|
- fastify::GitHub Global Advisories::HTTPError
|
|
- hapi::GitHub Global Advisories::HTTPError
|
|
- undici::GitHub Global Advisories::HTTPError
|
|
- webpack::GitHub Global Advisories::HTTPError
|
|
- esbuild::GitHub Global Advisories::HTTPError
|
|
- spring-framework::GitHub Global Advisories::HTTPError
|
|
- spring-security::GitHub Global Advisories::HTTPError
|
|
- spring-boot::GitHub Global Advisories::HTTPError
|
|
- laravel::GitHub Global Advisories::HTTPError
|
|
- symfony::GitHub Global Advisories::HTTPError
|
|
- django::Django Security RSS::HTTPError
|
|
- flask::GitHub Global Advisories::HTTPError
|
|
- werkzeug::GitHub Global Advisories::HTTPError
|
|
- rails::GitHub Global Advisories::HTTPError
|
|
- haproxy::HAProxy Security Advisories::HTTPError
|
|
|
|
## 剩余风险说明
|
|
|
|
- 本报告按 advisory 的最新 run 计算;历史失败 run 仅保留审计价值,不再污染完整度数字。
|
|
- `browser_required=true` 的案例必须同时存在基线与攻击后浏览器证据,缺失则不会进入 `verified-real`。
|
|
- source collector 健康度单独计数;只有当 failures 归零时,报告与 dashboard 才算真正全绿。
|