websafe-kb/06-case-studies/generated-runs/gitea-livecheck-20260316/report.html

<!doctype html>
<html><head><meta charset='utf-8'><title>websafe run report</title>
<style>body{font-family:ui-sans-serif,system-ui,sans-serif;margin:2rem;line-height:1.55;background:#f8fafc;color:#0f172a;} code,pre{background:#e2e8f0;padding:.2rem .4rem;border-radius:.3rem;} pre{white-space:pre-wrap;} .grid{display:grid;grid-template-columns:repeat(2,minmax(0,1fr));gap:1rem;} .card{border:1px solid #cbd5e1;padding:1rem;border-radius:.75rem;background:#fff;} table{width:100%;border-collapse:collapse;background:#fff;border:1px solid #cbd5e1;border-radius:.75rem;overflow:hidden;} th,td{padding:.75rem;border-bottom:1px solid #e2e8f0;text-align:left;vertical-align:top;} img{max-width:100%;border:1px solid #cbd5e1;border-radius:.5rem;} .gallery{display:grid;grid-template-columns:repeat(auto-fit,minmax(320px,1fr));gap:1rem;}</style>
</head><body>
<h1>Run gitea-livecheck-20260316</h1>
<div class='grid'>
<div class='card'><strong>Advisory</strong><br><code>gitea--CVE-2025-68939</code></div>
<div class='card'><strong>Status</strong><br><code>blocked-artifact</code></div>
<div class='card'><strong>Profile</strong><br><code>file-upload-generic</code></div>
<div class='card'><strong>Artifact Mode</strong><br><code>official-image</code></div>
</div>
<h2>Mermaid Timeline</h2>
<pre>flowchart LR
A[&quot;Select Advisory&quot;] --&gt; B[&quot;Resolve Repro Profile&quot;]
B --&gt; C[&quot;Provision Compose Environment&quot;]
C --&gt; D[&quot;Baseline Snapshot&quot;]
D --&gt; E[&quot;Controlled Attack Steps&quot;]
E --&gt; F[&quot;Browser Replay&quot;]
F --&gt; G[&quot;Collect Logs and Evidence&quot;]
G --&gt; H[&quot;Update Registry and Reports&quot;]
H --&gt; I[&quot;Blocked: unable to get image &#x27;gitea/gitea:1.22.6&#x27;: Cannot connect to &quot;]</pre>
<h2>Timeline</h2>
<table><thead><tr><th>Time</th><th>Step</th><th>Status</th><th>Detail</th></tr></thead><tbody>
<tr><td><code>2026-03-17T07:02:55+00:00</code></td><td><code>select-advisory</code></td><td><code>completed</code></td><td>gitea--CVE-2025-68939</td></tr>
<tr><td><code>2026-03-17T07:02:55+00:00</code></td><td><code>resolve-repro-profile</code></td><td><code>completed</code></td><td>file-upload-generic</td></tr>
<tr><td><code>2026-03-17T07:02:56+00:00</code></td><td><code>provision-compose-environment</code></td><td><code>blocked-artifact</code></td><td>unable to get image &#x27;gitea/gitea:1.22.6&#x27;: Cannot connect to the Docker daemon at unix:///Users/x/.docker/run/docker.sock. Is the docker daemon running?</td></tr>
<tr><td><code>2026-03-17T07:02:56+00:00</code></td><td><code>baseline-snapshot</code></td><td><code>skipped</code></td><td>no baseline urls or provisioning blocked</td></tr>
<tr><td><code>2026-03-17T07:02:56+00:00</code></td><td><code>browser-replay-before-attack</code></td><td><code>skipped</code></td><td>baseline browser capture unavailable</td></tr>
<tr><td><code>2026-03-17T07:02:56+00:00</code></td><td><code>controlled-attack-chain</code></td><td><code>skipped</code></td><td>provisioning blocked</td></tr>
<tr><td><code>2026-03-17T07:02:56+00:00</code></td><td><code>browser-replay-after-attack</code></td><td><code>skipped</code></td><td>proof browser capture unavailable</td></tr>
<tr><td><code>2026-03-17T07:02:56+00:00</code></td><td><code>collect-logs-and-evidence</code></td><td><code>skipped</code></td><td>container_logs=0</td></tr>
<tr><td><code>2026-03-17T07:02:56+00:00</code></td><td><code>update-registry-and-reports</code></td><td><code>completed</code></td><td>gitea-livecheck-20260316</td></tr>
</tbody></table>
<h2>Attack Steps</h2>
<table><thead><tr><th>Tool</th><th>Status</th><th>Output</th></tr></thead><tbody>
<tr><td><code>-</code></td><td><code>skipped</code></td><td><code>no attack steps</code></td></tr>
</tbody></table>
<h2>Evidence</h2><ul>
<li><code>compose/compose.yaml</code></li>
</ul>
</body></html>