3385 行
160 KiB
JSON
3385 行
160 KiB
JSON
{
|
|
"vite--CVE-2025-62522": {
|
|
"canonical_id": "vite--CVE-2025-62522",
|
|
"title": "vite--CVE-2025-62522",
|
|
"summary": "Derived from latest run vite-vite--CVE-2025-62522-20260318040559",
|
|
"display_name": "Vite",
|
|
"system_id": "vite",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T04:05:59+00:00",
|
|
"updated_at": "2026-03-18T04:06:05+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"dependency-upgrade-policy",
|
|
"file-upload-validation",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"vite--CVE-2025-58752": {
|
|
"canonical_id": "vite--CVE-2025-58752",
|
|
"title": "vite--CVE-2025-58752",
|
|
"summary": "Derived from latest run vite-vite--CVE-2025-58752-20260318040552",
|
|
"display_name": "Vite",
|
|
"system_id": "vite",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T04:05:52+00:00",
|
|
"updated_at": "2026-03-18T04:05:59+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"dependency-upgrade-policy",
|
|
"file-upload-validation",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"vite--CVE-2025-58751": {
|
|
"canonical_id": "vite--CVE-2025-58751",
|
|
"title": "vite--CVE-2025-58751",
|
|
"summary": "Derived from latest run vite-vite--CVE-2025-58751-20260318040545",
|
|
"display_name": "Vite",
|
|
"system_id": "vite",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T04:05:45+00:00",
|
|
"updated_at": "2026-03-18T04:05:52+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"dependency-upgrade-policy",
|
|
"file-upload-validation",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"vite--CVE-2025-46565": {
|
|
"canonical_id": "vite--CVE-2025-46565",
|
|
"title": "vite--CVE-2025-46565",
|
|
"summary": "Derived from latest run vite-vite--CVE-2025-46565-20260318040538",
|
|
"display_name": "Vite",
|
|
"system_id": "vite",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T04:05:38+00:00",
|
|
"updated_at": "2026-03-18T04:05:45+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"dependency-upgrade-policy",
|
|
"file-upload-validation",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"vite--CVE-2025-32395": {
|
|
"canonical_id": "vite--CVE-2025-32395",
|
|
"title": "vite--CVE-2025-32395",
|
|
"summary": "Derived from latest run vite-vite--CVE-2025-32395-20260318040532",
|
|
"display_name": "Vite",
|
|
"system_id": "vite",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T04:05:32+00:00",
|
|
"updated_at": "2026-03-18T04:05:38+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"dependency-upgrade-policy",
|
|
"file-upload-validation",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"vite--CVE-2025-31486": {
|
|
"canonical_id": "vite--CVE-2025-31486",
|
|
"title": "vite--CVE-2025-31486",
|
|
"summary": "Derived from latest run vite-vite--CVE-2025-31486-20260318040525",
|
|
"display_name": "Vite",
|
|
"system_id": "vite",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T04:05:25+00:00",
|
|
"updated_at": "2026-03-18T04:05:32+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"dependency-upgrade-policy",
|
|
"file-upload-validation",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"vite--CVE-2025-31125": {
|
|
"canonical_id": "vite--CVE-2025-31125",
|
|
"title": "vite--CVE-2025-31125",
|
|
"summary": "Derived from latest run vite-vite--CVE-2025-31125-20260318040518",
|
|
"display_name": "Vite",
|
|
"system_id": "vite",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T04:05:18+00:00",
|
|
"updated_at": "2026-03-18T04:05:25+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"dependency-upgrade-policy",
|
|
"file-upload-validation",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"vite--CVE-2025-30208": {
|
|
"canonical_id": "vite--CVE-2025-30208",
|
|
"title": "vite--CVE-2025-30208",
|
|
"summary": "Derived from latest run vite-vite--CVE-2025-30208-20260318040511",
|
|
"display_name": "Vite",
|
|
"system_id": "vite",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T04:05:11+00:00",
|
|
"updated_at": "2026-03-18T04:05:18+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"dependency-upgrade-policy",
|
|
"file-upload-validation",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"vite--CVE-2025-24010": {
|
|
"canonical_id": "vite--CVE-2025-24010",
|
|
"title": "vite--CVE-2025-24010",
|
|
"summary": "Derived from latest run vite-vite--CVE-2025-24010-20260318040505",
|
|
"display_name": "Vite",
|
|
"system_id": "vite",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T04:05:05+00:00",
|
|
"updated_at": "2026-03-18T04:05:11+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"dependency-upgrade-policy",
|
|
"file-upload-validation",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"vite--CVE-2024-45812": {
|
|
"canonical_id": "vite--CVE-2024-45812",
|
|
"title": "vite--CVE-2024-45812",
|
|
"summary": "Derived from latest run vite-vite--CVE-2024-45812-20260318040458",
|
|
"display_name": "Vite",
|
|
"system_id": "vite",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T04:04:58+00:00",
|
|
"updated_at": "2026-03-18T04:05:05+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"dependency-upgrade-policy",
|
|
"file-upload-validation",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"vite--CVE-2024-45811": {
|
|
"canonical_id": "vite--CVE-2024-45811",
|
|
"title": "vite--CVE-2024-45811",
|
|
"summary": "Derived from latest run vite-vite--CVE-2024-45811-20260318040452",
|
|
"display_name": "Vite",
|
|
"system_id": "vite",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T04:04:52+00:00",
|
|
"updated_at": "2026-03-18T04:04:58+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"dependency-upgrade-policy",
|
|
"file-upload-validation",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"vite--CVE-2024-23331": {
|
|
"canonical_id": "vite--CVE-2024-23331",
|
|
"title": "vite--CVE-2024-23331",
|
|
"summary": "Derived from latest run vite-vite--CVE-2024-23331-20260318040445",
|
|
"display_name": "Vite",
|
|
"system_id": "vite",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T04:04:45+00:00",
|
|
"updated_at": "2026-03-18T04:04:52+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"dependency-upgrade-policy",
|
|
"file-upload-validation",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"undici--CVE-2026-2581": {
|
|
"canonical_id": "undici--CVE-2026-2581",
|
|
"title": "undici--CVE-2026-2581",
|
|
"summary": "Derived from latest run undici-undici--CVE-2026-2581-20260318040332",
|
|
"display_name": "Undici",
|
|
"system_id": "undici",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T04:03:32+00:00",
|
|
"updated_at": "2026-03-18T04:03:36+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"ssrf-url-validation",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": false,
|
|
"present": false,
|
|
"refs": []
|
|
}
|
|
},
|
|
"undici--CVE-2026-2229": {
|
|
"canonical_id": "undici--CVE-2026-2229",
|
|
"title": "undici--CVE-2026-2229",
|
|
"summary": "Derived from latest run undici-undici--CVE-2026-2229-20260318040328",
|
|
"display_name": "Undici",
|
|
"system_id": "undici",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T04:03:28+00:00",
|
|
"updated_at": "2026-03-18T04:03:32+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"ssrf-url-validation",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": false,
|
|
"present": false,
|
|
"refs": []
|
|
}
|
|
},
|
|
"undici--CVE-2026-22036": {
|
|
"canonical_id": "undici--CVE-2026-22036",
|
|
"title": "undici--CVE-2026-22036",
|
|
"summary": "Derived from latest run undici-undici--CVE-2026-22036-20260318040323",
|
|
"display_name": "Undici",
|
|
"system_id": "undici",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T04:03:23+00:00",
|
|
"updated_at": "2026-03-18T04:03:27+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"ssrf-url-validation",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": false,
|
|
"present": false,
|
|
"refs": []
|
|
}
|
|
},
|
|
"undici--CVE-2026-1528": {
|
|
"canonical_id": "undici--CVE-2026-1528",
|
|
"title": "undici--CVE-2026-1528",
|
|
"summary": "Derived from latest run undici-undici--CVE-2026-1528-20260318040318",
|
|
"display_name": "Undici",
|
|
"system_id": "undici",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T04:03:18+00:00",
|
|
"updated_at": "2026-03-18T04:03:23+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"ssrf-url-validation",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": false,
|
|
"present": false,
|
|
"refs": []
|
|
}
|
|
},
|
|
"undici--CVE-2026-1527": {
|
|
"canonical_id": "undici--CVE-2026-1527",
|
|
"title": "undici--CVE-2026-1527",
|
|
"summary": "Derived from latest run undici-undici--CVE-2026-1527-20260318040314",
|
|
"display_name": "Undici",
|
|
"system_id": "undici",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T04:03:14+00:00",
|
|
"updated_at": "2026-03-18T04:03:18+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"ssrf-url-validation",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": false,
|
|
"present": false,
|
|
"refs": []
|
|
}
|
|
},
|
|
"undici--CVE-2026-1526": {
|
|
"canonical_id": "undici--CVE-2026-1526",
|
|
"title": "undici--CVE-2026-1526",
|
|
"summary": "Derived from latest run undici-undici--CVE-2026-1526-20260318040309",
|
|
"display_name": "Undici",
|
|
"system_id": "undici",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T04:03:09+00:00",
|
|
"updated_at": "2026-03-18T04:03:14+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"ssrf-url-validation",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": false,
|
|
"present": false,
|
|
"refs": []
|
|
}
|
|
},
|
|
"undici--CVE-2026-1525": {
|
|
"canonical_id": "undici--CVE-2026-1525",
|
|
"title": "undici--CVE-2026-1525",
|
|
"summary": "Derived from latest run undici-undici--CVE-2026-1525-20260318040304",
|
|
"display_name": "Undici",
|
|
"system_id": "undici",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T04:03:04+00:00",
|
|
"updated_at": "2026-03-18T04:03:09+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"ssrf-url-validation",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": false,
|
|
"present": false,
|
|
"refs": []
|
|
}
|
|
},
|
|
"undici--CVE-2025-47279": {
|
|
"canonical_id": "undici--CVE-2025-47279",
|
|
"title": "undici--CVE-2025-47279",
|
|
"summary": "Derived from latest run undici-undici--CVE-2025-47279-20260318040300",
|
|
"display_name": "Undici",
|
|
"system_id": "undici",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T04:03:00+00:00",
|
|
"updated_at": "2026-03-18T04:03:04+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"ssrf-url-validation",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": false,
|
|
"present": false,
|
|
"refs": []
|
|
}
|
|
},
|
|
"undici--CVE-2025-22150": {
|
|
"canonical_id": "undici--CVE-2025-22150",
|
|
"title": "undici--CVE-2025-22150",
|
|
"summary": "Derived from latest run undici-undici--CVE-2025-22150-20260318040256",
|
|
"display_name": "Undici",
|
|
"system_id": "undici",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T04:02:56+00:00",
|
|
"updated_at": "2026-03-18T04:03:00+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"ssrf-url-validation",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": false,
|
|
"present": false,
|
|
"refs": []
|
|
}
|
|
},
|
|
"undici--CVE-2024-30261": {
|
|
"canonical_id": "undici--CVE-2024-30261",
|
|
"title": "undici--CVE-2024-30261",
|
|
"summary": "Derived from latest run undici-undici--CVE-2024-30261-20260318040251",
|
|
"display_name": "Undici",
|
|
"system_id": "undici",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T04:02:51+00:00",
|
|
"updated_at": "2026-03-18T04:02:56+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"ssrf-url-validation",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": false,
|
|
"present": false,
|
|
"refs": []
|
|
}
|
|
},
|
|
"undici--CVE-2024-30260": {
|
|
"canonical_id": "undici--CVE-2024-30260",
|
|
"title": "undici--CVE-2024-30260",
|
|
"summary": "Derived from latest run undici-undici--CVE-2024-30260-20260318040247",
|
|
"display_name": "Undici",
|
|
"system_id": "undici",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T04:02:47+00:00",
|
|
"updated_at": "2026-03-18T04:02:51+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"ssrf-url-validation",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": false,
|
|
"present": false,
|
|
"refs": []
|
|
}
|
|
},
|
|
"undici--CVE-2023-45143": {
|
|
"canonical_id": "undici--CVE-2023-45143",
|
|
"title": "undici--CVE-2023-45143",
|
|
"summary": "Derived from latest run undici-undici--CVE-2023-45143-20260318040242",
|
|
"display_name": "Undici",
|
|
"system_id": "undici",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T04:02:42+00:00",
|
|
"updated_at": "2026-03-18T04:02:46+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"ssrf-url-validation",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": false,
|
|
"present": false,
|
|
"refs": []
|
|
}
|
|
},
|
|
"undici--CVE-2022-32210": {
|
|
"canonical_id": "undici--CVE-2022-32210",
|
|
"title": "undici--CVE-2022-32210",
|
|
"summary": "Derived from latest run undici-undici--CVE-2022-32210-20260318040238",
|
|
"display_name": "Undici",
|
|
"system_id": "undici",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T04:02:38+00:00",
|
|
"updated_at": "2026-03-18T04:02:42+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"ssrf-url-validation",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": false,
|
|
"present": false,
|
|
"refs": []
|
|
}
|
|
},
|
|
"undici--CVE-2022-31151": {
|
|
"canonical_id": "undici--CVE-2022-31151",
|
|
"title": "undici--CVE-2022-31151",
|
|
"summary": "Derived from latest run undici-undici--CVE-2022-31151-20260318040233",
|
|
"display_name": "Undici",
|
|
"system_id": "undici",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T04:02:33+00:00",
|
|
"updated_at": "2026-03-18T04:02:37+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"ssrf-url-validation",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": false,
|
|
"present": false,
|
|
"refs": []
|
|
}
|
|
},
|
|
"nextjs--GHSA-w37m-7fhw-fmv9": {
|
|
"canonical_id": "nextjs--GHSA-w37m-7fhw-fmv9",
|
|
"title": "nextjs--GHSA-w37m-7fhw-fmv9",
|
|
"summary": "Derived from latest run nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848",
|
|
"display_name": "Next.js",
|
|
"system_id": "nextjs",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:58:48+00:00",
|
|
"updated_at": "2026-03-18T03:58:55+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"proxy-trust-boundary",
|
|
"token-cookie-storage"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"nextjs--GHSA-mwv6-3258-q52c": {
|
|
"canonical_id": "nextjs--GHSA-mwv6-3258-q52c",
|
|
"title": "nextjs--GHSA-mwv6-3258-q52c",
|
|
"summary": "Derived from latest run nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842",
|
|
"display_name": "Next.js",
|
|
"system_id": "nextjs",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:58:42+00:00",
|
|
"updated_at": "2026-03-18T03:58:48+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"proxy-trust-boundary",
|
|
"token-cookie-storage"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"nextjs--GHSA-h25m-26qc-wcjf": {
|
|
"canonical_id": "nextjs--GHSA-h25m-26qc-wcjf",
|
|
"title": "nextjs--GHSA-h25m-26qc-wcjf",
|
|
"summary": "Derived from latest run nextjs-nextjs--GHSA-h25m-26qc-wcjf-20260318035837",
|
|
"display_name": "Next.js",
|
|
"system_id": "nextjs",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:58:37+00:00",
|
|
"updated_at": "2026-03-18T03:58:41+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"proxy-trust-boundary",
|
|
"token-cookie-storage"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": false,
|
|
"present": false,
|
|
"refs": []
|
|
}
|
|
},
|
|
"nextjs--GHSA-9qr9-h5gf-34mp": {
|
|
"canonical_id": "nextjs--GHSA-9qr9-h5gf-34mp",
|
|
"title": "nextjs--GHSA-9qr9-h5gf-34mp",
|
|
"summary": "Derived from latest run nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830",
|
|
"display_name": "Next.js",
|
|
"system_id": "nextjs",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:58:30+00:00",
|
|
"updated_at": "2026-03-18T03:58:37+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"proxy-trust-boundary",
|
|
"token-cookie-storage"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"nextjs--GHSA-5j59-xgg2-r9c4": {
|
|
"canonical_id": "nextjs--GHSA-5j59-xgg2-r9c4",
|
|
"title": "nextjs--GHSA-5j59-xgg2-r9c4",
|
|
"summary": "Derived from latest run nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824",
|
|
"display_name": "Next.js",
|
|
"system_id": "nextjs",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:58:24+00:00",
|
|
"updated_at": "2026-03-18T03:58:30+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"proxy-trust-boundary",
|
|
"token-cookie-storage"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"nextjs--CVE-2025-59472": {
|
|
"canonical_id": "nextjs--CVE-2025-59472",
|
|
"title": "nextjs--CVE-2025-59472",
|
|
"summary": "Derived from latest run nextjs-nextjs--CVE-2025-59472-20260318035817",
|
|
"display_name": "Next.js",
|
|
"system_id": "nextjs",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:58:17+00:00",
|
|
"updated_at": "2026-03-18T03:58:24+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"proxy-trust-boundary",
|
|
"token-cookie-storage"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"nextjs--CVE-2025-59471": {
|
|
"canonical_id": "nextjs--CVE-2025-59471",
|
|
"title": "nextjs--CVE-2025-59471",
|
|
"summary": "Derived from latest run nextjs-nextjs--CVE-2025-59471-20260318035811",
|
|
"display_name": "Next.js",
|
|
"system_id": "nextjs",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:58:11+00:00",
|
|
"updated_at": "2026-03-18T03:58:17+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"proxy-trust-boundary",
|
|
"token-cookie-storage"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"nextjs--CVE-2025-57822": {
|
|
"canonical_id": "nextjs--CVE-2025-57822",
|
|
"title": "nextjs--CVE-2025-57822",
|
|
"summary": "Derived from latest run nextjs-nextjs--CVE-2025-57822-20260318035806",
|
|
"display_name": "Next.js",
|
|
"system_id": "nextjs",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:58:06+00:00",
|
|
"updated_at": "2026-03-18T03:58:11+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"proxy-trust-boundary",
|
|
"token-cookie-storage"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": false,
|
|
"present": false,
|
|
"refs": []
|
|
}
|
|
},
|
|
"nextjs--CVE-2025-57752": {
|
|
"canonical_id": "nextjs--CVE-2025-57752",
|
|
"title": "nextjs--CVE-2025-57752",
|
|
"summary": "Derived from latest run nextjs-nextjs--CVE-2025-57752-20260318035800",
|
|
"display_name": "Next.js",
|
|
"system_id": "nextjs",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:58:00+00:00",
|
|
"updated_at": "2026-03-18T03:58:06+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"proxy-trust-boundary",
|
|
"token-cookie-storage"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"nextjs--CVE-2025-55173": {
|
|
"canonical_id": "nextjs--CVE-2025-55173",
|
|
"title": "nextjs--CVE-2025-55173",
|
|
"summary": "Derived from latest run nextjs-nextjs--CVE-2025-55173-20260318035753",
|
|
"display_name": "Next.js",
|
|
"system_id": "nextjs",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:57:53+00:00",
|
|
"updated_at": "2026-03-18T03:58:00+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"proxy-trust-boundary",
|
|
"token-cookie-storage"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"nextjs--CVE-2025-49826": {
|
|
"canonical_id": "nextjs--CVE-2025-49826",
|
|
"title": "nextjs--CVE-2025-49826",
|
|
"summary": "Derived from latest run nextjs-nextjs--CVE-2025-49826-20260318035747",
|
|
"display_name": "Next.js",
|
|
"system_id": "nextjs",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:57:47+00:00",
|
|
"updated_at": "2026-03-18T03:57:53+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"proxy-trust-boundary",
|
|
"token-cookie-storage"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"nextjs--CVE-2025-49005": {
|
|
"canonical_id": "nextjs--CVE-2025-49005",
|
|
"title": "nextjs--CVE-2025-49005",
|
|
"summary": "Derived from latest run nextjs-nextjs--CVE-2025-49005-20260318035740",
|
|
"display_name": "Next.js",
|
|
"system_id": "nextjs",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:57:40+00:00",
|
|
"updated_at": "2026-03-18T03:57:47+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"proxy-trust-boundary",
|
|
"token-cookie-storage"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"nextjs--CVE-2025-48068": {
|
|
"canonical_id": "nextjs--CVE-2025-48068",
|
|
"title": "nextjs--CVE-2025-48068",
|
|
"summary": "Derived from latest run nextjs-nextjs--CVE-2025-48068-20260318035734",
|
|
"display_name": "Next.js",
|
|
"system_id": "nextjs",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:57:34+00:00",
|
|
"updated_at": "2026-03-18T03:57:40+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"proxy-trust-boundary",
|
|
"token-cookie-storage"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"nextjs--CVE-2025-32421": {
|
|
"canonical_id": "nextjs--CVE-2025-32421",
|
|
"title": "nextjs--CVE-2025-32421",
|
|
"summary": "Derived from latest run nextjs-nextjs--CVE-2025-32421-20260318035727",
|
|
"display_name": "Next.js",
|
|
"system_id": "nextjs",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:57:27+00:00",
|
|
"updated_at": "2026-03-18T03:57:34+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"proxy-trust-boundary",
|
|
"token-cookie-storage"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"nextjs--CVE-2025-30218": {
|
|
"canonical_id": "nextjs--CVE-2025-30218",
|
|
"title": "nextjs--CVE-2025-30218",
|
|
"summary": "Derived from latest run nextjs-nextjs--CVE-2025-30218-20260318035721",
|
|
"display_name": "Next.js",
|
|
"system_id": "nextjs",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:57:21+00:00",
|
|
"updated_at": "2026-03-18T03:57:27+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"proxy-trust-boundary",
|
|
"token-cookie-storage"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"nextjs--CVE-2025-29927": {
|
|
"canonical_id": "nextjs--CVE-2025-29927",
|
|
"title": "nextjs--CVE-2025-29927",
|
|
"summary": "Derived from latest run nextjs-nextjs--CVE-2025-29927-20260318035717",
|
|
"display_name": "Next.js",
|
|
"system_id": "nextjs",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:57:17+00:00",
|
|
"updated_at": "2026-03-18T03:57:21+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"proxy-trust-boundary",
|
|
"token-cookie-storage"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": false,
|
|
"present": false,
|
|
"refs": []
|
|
}
|
|
},
|
|
"nextjs--CVE-2024-56332": {
|
|
"canonical_id": "nextjs--CVE-2024-56332",
|
|
"title": "nextjs--CVE-2024-56332",
|
|
"summary": "Derived from latest run nextjs-nextjs--CVE-2024-56332-20260318035710",
|
|
"display_name": "Next.js",
|
|
"system_id": "nextjs",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:57:10+00:00",
|
|
"updated_at": "2026-03-18T03:57:16+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"proxy-trust-boundary",
|
|
"token-cookie-storage"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"nextjs--CVE-2024-51479": {
|
|
"canonical_id": "nextjs--CVE-2024-51479",
|
|
"title": "nextjs--CVE-2024-51479",
|
|
"summary": "Derived from latest run nextjs-nextjs--CVE-2024-51479-20260318035706",
|
|
"display_name": "Next.js",
|
|
"system_id": "nextjs",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:57:06+00:00",
|
|
"updated_at": "2026-03-18T03:57:10+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"proxy-trust-boundary",
|
|
"token-cookie-storage"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": false,
|
|
"present": false,
|
|
"refs": []
|
|
}
|
|
},
|
|
"nextjs--CVE-2024-47831": {
|
|
"canonical_id": "nextjs--CVE-2024-47831",
|
|
"title": "nextjs--CVE-2024-47831",
|
|
"summary": "Derived from latest run nextjs-nextjs--CVE-2024-47831-20260318035659",
|
|
"display_name": "Next.js",
|
|
"system_id": "nextjs",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:56:59+00:00",
|
|
"updated_at": "2026-03-18T03:57:06+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"proxy-trust-boundary",
|
|
"token-cookie-storage"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"nextjs--CVE-2024-46982": {
|
|
"canonical_id": "nextjs--CVE-2024-46982",
|
|
"title": "nextjs--CVE-2024-46982",
|
|
"summary": "Derived from latest run nextjs-nextjs--CVE-2024-46982-20260318035653",
|
|
"display_name": "Next.js",
|
|
"system_id": "nextjs",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:56:53+00:00",
|
|
"updated_at": "2026-03-18T03:56:59+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"proxy-trust-boundary",
|
|
"token-cookie-storage"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"nextjs--CVE-2024-34351": {
|
|
"canonical_id": "nextjs--CVE-2024-34351",
|
|
"title": "nextjs--CVE-2024-34351",
|
|
"summary": "Derived from latest run nextjs-nextjs--CVE-2024-34351-20260318035648",
|
|
"display_name": "Next.js",
|
|
"system_id": "nextjs",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:56:48+00:00",
|
|
"updated_at": "2026-03-18T03:56:53+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"proxy-trust-boundary",
|
|
"token-cookie-storage"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": false,
|
|
"present": false,
|
|
"refs": []
|
|
}
|
|
},
|
|
"nextjs--CVE-2021-43803": {
|
|
"canonical_id": "nextjs--CVE-2021-43803",
|
|
"title": "nextjs--CVE-2021-43803",
|
|
"summary": "Derived from latest run nextjs-nextjs--CVE-2021-43803-20260318035642",
|
|
"display_name": "Next.js",
|
|
"system_id": "nextjs",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:56:42+00:00",
|
|
"updated_at": "2026-03-18T03:56:48+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"proxy-trust-boundary",
|
|
"token-cookie-storage"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"nextjs--CVE-2021-39178": {
|
|
"canonical_id": "nextjs--CVE-2021-39178",
|
|
"title": "nextjs--CVE-2021-39178",
|
|
"summary": "Derived from latest run nextjs-nextjs--CVE-2021-39178-20260318035635",
|
|
"display_name": "Next.js",
|
|
"system_id": "nextjs",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:56:35+00:00",
|
|
"updated_at": "2026-03-18T03:56:42+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"proxy-trust-boundary",
|
|
"token-cookie-storage"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"nextjs--CVE-2021-37699": {
|
|
"canonical_id": "nextjs--CVE-2021-37699",
|
|
"title": "nextjs--CVE-2021-37699",
|
|
"summary": "Derived from latest run nextjs-nextjs--CVE-2021-37699-20260318035628",
|
|
"display_name": "Next.js",
|
|
"system_id": "nextjs",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:56:28+00:00",
|
|
"updated_at": "2026-03-18T03:56:35+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"proxy-trust-boundary",
|
|
"token-cookie-storage"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"nextjs--CVE-2020-5284": {
|
|
"canonical_id": "nextjs--CVE-2020-5284",
|
|
"title": "nextjs--CVE-2020-5284",
|
|
"summary": "Derived from latest run nextjs-nextjs--CVE-2020-5284-20260318035622",
|
|
"display_name": "Next.js",
|
|
"system_id": "nextjs",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:56:22+00:00",
|
|
"updated_at": "2026-03-18T03:56:28+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"proxy-trust-boundary",
|
|
"token-cookie-storage"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"nextjs--CVE-2020-15242": {
|
|
"canonical_id": "nextjs--CVE-2020-15242",
|
|
"title": "nextjs--CVE-2020-15242",
|
|
"summary": "Derived from latest run nextjs-nextjs--CVE-2020-15242-20260318035615",
|
|
"display_name": "Next.js",
|
|
"system_id": "nextjs",
|
|
"category": "frameworks",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:56:15+00:00",
|
|
"updated_at": "2026-03-18T03:56:22+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"proxy-trust-boundary",
|
|
"token-cookie-storage"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2026-20912": {
|
|
"canonical_id": "gitea--CVE-2026-20912",
|
|
"title": "gitea--CVE-2026-20912",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2026-20912-20260318035506",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:55:06+00:00",
|
|
"updated_at": "2026-03-18T03:55:13+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2026-20904": {
|
|
"canonical_id": "gitea--CVE-2026-20904",
|
|
"title": "gitea--CVE-2026-20904",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2026-20904-20260318035500",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:55:00+00:00",
|
|
"updated_at": "2026-03-18T03:55:06+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2026-20897": {
|
|
"canonical_id": "gitea--CVE-2026-20897",
|
|
"title": "gitea--CVE-2026-20897",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2026-20897-20260318035454",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:54:54+00:00",
|
|
"updated_at": "2026-03-18T03:55:00+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2026-20888": {
|
|
"canonical_id": "gitea--CVE-2026-20888",
|
|
"title": "gitea--CVE-2026-20888",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2026-20888-20260318035447",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:54:47+00:00",
|
|
"updated_at": "2026-03-18T03:54:54+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2026-20883": {
|
|
"canonical_id": "gitea--CVE-2026-20883",
|
|
"title": "gitea--CVE-2026-20883",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2026-20883-20260318035441",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:54:41+00:00",
|
|
"updated_at": "2026-03-18T03:54:47+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2026-20800": {
|
|
"canonical_id": "gitea--CVE-2026-20800",
|
|
"title": "gitea--CVE-2026-20800",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2026-20800-20260318035434",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:54:34+00:00",
|
|
"updated_at": "2026-03-18T03:54:41+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2026-20750": {
|
|
"canonical_id": "gitea--CVE-2026-20750",
|
|
"title": "gitea--CVE-2026-20750",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2026-20750-20260318035428",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:54:28+00:00",
|
|
"updated_at": "2026-03-18T03:54:34+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2026-20736": {
|
|
"canonical_id": "gitea--CVE-2026-20736",
|
|
"title": "gitea--CVE-2026-20736",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2026-20736-20260318035423",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:54:23+00:00",
|
|
"updated_at": "2026-03-18T03:54:27+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": false,
|
|
"present": false,
|
|
"refs": []
|
|
}
|
|
},
|
|
"gitea--CVE-2026-0798": {
|
|
"canonical_id": "gitea--CVE-2026-0798",
|
|
"title": "gitea--CVE-2026-0798",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2026-0798-20260318035416",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:54:16+00:00",
|
|
"updated_at": "2026-03-18T03:54:23+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2025-69413": {
|
|
"canonical_id": "gitea--CVE-2025-69413",
|
|
"title": "gitea--CVE-2025-69413",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2025-69413-20260318035410",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:54:10+00:00",
|
|
"updated_at": "2026-03-18T03:54:16+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2025-68946": {
|
|
"canonical_id": "gitea--CVE-2025-68946",
|
|
"title": "gitea--CVE-2025-68946",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2025-68946-20260318035404",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:54:04+00:00",
|
|
"updated_at": "2026-03-18T03:54:10+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2025-68945": {
|
|
"canonical_id": "gitea--CVE-2025-68945",
|
|
"title": "gitea--CVE-2025-68945",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2025-68945-20260318035358",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:53:58+00:00",
|
|
"updated_at": "2026-03-18T03:54:04+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2025-68944": {
|
|
"canonical_id": "gitea--CVE-2025-68944",
|
|
"title": "gitea--CVE-2025-68944",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2025-68944-20260318035353",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:53:53+00:00",
|
|
"updated_at": "2026-03-18T03:53:57+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": false,
|
|
"present": false,
|
|
"refs": []
|
|
}
|
|
},
|
|
"gitea--CVE-2025-68943": {
|
|
"canonical_id": "gitea--CVE-2025-68943",
|
|
"title": "gitea--CVE-2025-68943",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2025-68943-20260318035347",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:53:47+00:00",
|
|
"updated_at": "2026-03-18T03:53:53+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2025-68942": {
|
|
"canonical_id": "gitea--CVE-2025-68942",
|
|
"title": "gitea--CVE-2025-68942",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2025-68942-20260318035340",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:53:40+00:00",
|
|
"updated_at": "2026-03-18T03:53:47+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2025-68941": {
|
|
"canonical_id": "gitea--CVE-2025-68941",
|
|
"title": "gitea--CVE-2025-68941",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2025-68941-20260318035334",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:53:34+00:00",
|
|
"updated_at": "2026-03-18T03:53:40+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2025-68940": {
|
|
"canonical_id": "gitea--CVE-2025-68940",
|
|
"title": "gitea--CVE-2025-68940",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2025-68940-20260318035330",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:53:30+00:00",
|
|
"updated_at": "2026-03-18T03:53:34+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": false,
|
|
"present": false,
|
|
"refs": []
|
|
}
|
|
},
|
|
"gitea--CVE-2025-68939": {
|
|
"canonical_id": "gitea--CVE-2025-68939",
|
|
"title": "gitea--CVE-2025-68939",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2025-68939-20260318035323",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:53:23+00:00",
|
|
"updated_at": "2026-03-18T03:53:29+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2025-68938": {
|
|
"canonical_id": "gitea--CVE-2025-68938",
|
|
"title": "gitea--CVE-2025-68938",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2025-68938-20260318035317",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:53:17+00:00",
|
|
"updated_at": "2026-03-18T03:53:23+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2022-42968": {
|
|
"canonical_id": "gitea--CVE-2022-42968",
|
|
"title": "gitea--CVE-2022-42968",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2022-42968-20260318035311",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:53:11+00:00",
|
|
"updated_at": "2026-03-18T03:53:17+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2022-38795": {
|
|
"canonical_id": "gitea--CVE-2022-38795",
|
|
"title": "gitea--CVE-2022-38795",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2022-38795-20260318035304",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:53:04+00:00",
|
|
"updated_at": "2026-03-18T03:53:11+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2022-38183": {
|
|
"canonical_id": "gitea--CVE-2022-38183",
|
|
"title": "gitea--CVE-2022-38183",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2022-38183-20260318035258",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:52:58+00:00",
|
|
"updated_at": "2026-03-18T03:53:04+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2022-30781": {
|
|
"canonical_id": "gitea--CVE-2022-30781",
|
|
"title": "gitea--CVE-2022-30781",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2022-30781-20260318035252",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:52:52+00:00",
|
|
"updated_at": "2026-03-18T03:52:58+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2022-27313": {
|
|
"canonical_id": "gitea--CVE-2022-27313",
|
|
"title": "gitea--CVE-2022-27313",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2022-27313-20260318035245",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:52:45+00:00",
|
|
"updated_at": "2026-03-18T03:52:52+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2022-1928": {
|
|
"canonical_id": "gitea--CVE-2022-1928",
|
|
"title": "gitea--CVE-2022-1928",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2022-1928-20260318035239",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:52:39+00:00",
|
|
"updated_at": "2026-03-18T03:52:45+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2022-1058": {
|
|
"canonical_id": "gitea--CVE-2022-1058",
|
|
"title": "gitea--CVE-2022-1058",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2022-1058-20260318035233",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:52:33+00:00",
|
|
"updated_at": "2026-03-18T03:52:39+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2022-0905": {
|
|
"canonical_id": "gitea--CVE-2022-0905",
|
|
"title": "gitea--CVE-2022-0905",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2022-0905-20260318035226",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:52:26+00:00",
|
|
"updated_at": "2026-03-18T03:52:33+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2021-45331": {
|
|
"canonical_id": "gitea--CVE-2021-45331",
|
|
"title": "gitea--CVE-2021-45331",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2021-45331-20260318035220",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:52:20+00:00",
|
|
"updated_at": "2026-03-18T03:52:26+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2021-45330": {
|
|
"canonical_id": "gitea--CVE-2021-45330",
|
|
"title": "gitea--CVE-2021-45330",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2021-45330-20260318035214",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:52:14+00:00",
|
|
"updated_at": "2026-03-18T03:52:20+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2021-45327": {
|
|
"canonical_id": "gitea--CVE-2021-45327",
|
|
"title": "gitea--CVE-2021-45327",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2021-45327-20260318035207",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:52:07+00:00",
|
|
"updated_at": "2026-03-18T03:52:14+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2021-3382": {
|
|
"canonical_id": "gitea--CVE-2021-3382",
|
|
"title": "gitea--CVE-2021-3382",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2021-3382-20260318035201",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:52:01+00:00",
|
|
"updated_at": "2026-03-18T03:52:07+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2021-29134": {
|
|
"canonical_id": "gitea--CVE-2021-29134",
|
|
"title": "gitea--CVE-2021-29134",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2021-29134-20260318035154",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:51:54+00:00",
|
|
"updated_at": "2026-03-18T03:52:01+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2021-28378": {
|
|
"canonical_id": "gitea--CVE-2021-28378",
|
|
"title": "gitea--CVE-2021-28378",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2021-28378-20260318035148",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:51:48+00:00",
|
|
"updated_at": "2026-03-18T03:51:54+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2020-13246": {
|
|
"canonical_id": "gitea--CVE-2020-13246",
|
|
"title": "gitea--CVE-2020-13246",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2020-13246-20260318035142",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:51:42+00:00",
|
|
"updated_at": "2026-03-18T03:51:48+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2019-1010261": {
|
|
"canonical_id": "gitea--CVE-2019-1010261",
|
|
"title": "gitea--CVE-2019-1010261",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2019-1010261-20260318035135",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:51:35+00:00",
|
|
"updated_at": "2026-03-18T03:51:42+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2018-18926": {
|
|
"canonical_id": "gitea--CVE-2018-18926",
|
|
"title": "gitea--CVE-2018-18926",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2018-18926-20260318035129",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:51:29+00:00",
|
|
"updated_at": "2026-03-18T03:51:35+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": true,
|
|
"present": true,
|
|
"refs": [
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/assets/baseline.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/assets/baseline-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/logs/baseline-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/logs/baseline-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/logs/baseline-page.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/assets/proof.png",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/assets/proof-dom.html",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/logs/proof-console.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/logs/proof-network.json",
|
|
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/logs/proof-page.json"
|
|
]
|
|
}
|
|
},
|
|
"gitea--CVE-2018-15192": {
|
|
"canonical_id": "gitea--CVE-2018-15192",
|
|
"title": "gitea--CVE-2018-15192",
|
|
"summary": "Derived from latest run gitea-gitea--CVE-2018-15192-20260318035123",
|
|
"display_name": "Gitea",
|
|
"system_id": "gitea",
|
|
"category": "platforms",
|
|
"severity": null,
|
|
"cvss_score": null,
|
|
"exploit_status": null,
|
|
"published_at": "2026-03-18T03:51:23+00:00",
|
|
"updated_at": "2026-03-18T03:51:29+00:00",
|
|
"official_source_url": "",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"token-cookie-storage",
|
|
"proxy-trust-boundary"
|
|
],
|
|
"verification_status": "verified-real",
|
|
"verification_mode": "real",
|
|
"artifact_mode": "local-fixture",
|
|
"blocked_reason": null,
|
|
"browser_evidence": {
|
|
"required": false,
|
|
"present": false,
|
|
"refs": []
|
|
}
|
|
}
|
|
}
|