2.1 KiB
2.1 KiB
全库 Advisory 完整度报告
- 生成时间:
2026-03-18T14:12:34+00:00 - 最新 advisory 完整度:
89/89verified-real - 合成验证数量:
0 - 阻塞数量:
0 - 人工/待补证据数量:
0 - 完整度百分比:
100.0%
系统覆盖矩阵
| 系统 | 总数 | verified-real | verified-synthetic | blocked | manual | family 覆盖 |
|---|---|---|---|---|---|---|
| gitea | 37 | 37 | 0 | 0 | 0 | authz-bypass(3/3), file-upload(2/2), proxy-boundary(26/26), ssrf(1/1), xss(5/5) |
| nextjs | 26 | 26 | 0 | 0 | 0 | authz-bypass(2/2), deserialization(1/1), proxy-boundary(19/19), ssrf(2/2), xss(2/2) |
| undici | 14 | 14 | 0 | 0 | 0 | ssrf(14/14) |
| vite | 12 | 12 | 0 | 0 | 0 | proxy-boundary(11/11), xss(1/1) |
历史阻塞项修复纪要
- Docker daemon unavailable caused provision-compose-environment blocked-artifact.
- Family profiles previously used note-only attack runners and dry-run placeholders.
- Baseline and browser steps were skipped when environment readiness was not enforced.
- Latest completeness now uses one advisory -> latest run semantics instead of historical run piles.
Ingest / Source 健康度
- source failures:
12 - discourse::Discourse Meta Security::HTTPError
- drupal::Drupal Security Advisories Site::HTTPError
- django::Django Security RSS::HTTPError
- nuxt::Nuxt Security::SSLError
- vite::GitHub Global Advisories::SSLError
- spring-boot::Spring Security Advisories::ChunkedEncodingError
- laravel::GitHub Global Advisories::SSLError
- haproxy::HAProxy Security Advisories::HTTPError
- apache-httpd::Apache HTTPD Security::SSLError
- phpmyadmin::phpMyAdmin Security Page::SSLError
- jenkins::NVD Jenkins::SSLError
- adobe-commerce::Adobe Security Bulletins::ConnectionError
剩余风险说明
- 本报告按 advisory 的最新 run 计算;历史失败 run 仅保留审计价值,不再污染完整度数字。
browser_required=true的案例必须同时存在基线与攻击后浏览器证据,缺失则不会进入verified-real。- source collector 健康度单独计数;只有当 failures 归零时,报告与 dashboard 才算真正全绿。