Releases: cve-search/vulnerability-lookup
Release 1.7.0
News
- The sign-up process now verifies that the user is not using a disposable email address,
thanks to the MISP warning list of disposable emails. (177f6a9) - Added a Flask command to update the local MISP Warning Lists. This function is triggered
automatically when the Vulnerability Lookup instance is updated. (5370aa5) - Implemented a mechanism to execute maintenance background jobs directly from the admin panel. (f36053b)
- Integration of the Exploit Prediction Scoring System (EPSS) score. (9e54b71, 27b4487, 2e021ed).
- A theme switcher button with two modes: light mode (default) and dark mode. (09ab04a, 2e12ddf)
Changes
- Enhanced the formatting of comments and bundle descriptions using JavaScript. (ddedfca)
- Admins are now notified when a new comment is awaiting moderation. (9739292)
- All admin views were improved with better search capabilities.
Fixes
- Make the GET List (with filters) for Bundles in the API case insensitive. (32c9bb4)
- The search form must post the search to /search and not search. (4ce5227)
Funding
The NGSOTI project is dedicated to training the next generation of Security Operation Center (SOC) operators, focusing on the human aspect of cybersecurity. It underscores the significance of providing SOC operators with the necessary skills and open-source tools to address challenges such as detection engineering, incident response, and threat intelligence analysis. Involving key partners such as CIRCL, Restena, Tenzir, and the University of Luxembourg, the project aims to establish a real operational infrastructure for practical training. This initiative integrates academic curricula with industry insights, offering hands-on experience in cyber ranges.
vulnerability-lookup is co-funded by CIRCL and by the European Union. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or ECCC. Neither the European Union nor the granting authority can be held responsible for them.
Release 1.6.0
News
- Importer for Tailscale vulnerabilities #68
- New user profile page with more information and detection of the country
during user sign-up using the CIRCL MMDB service #73 - Added the ability to filter comments by any taxonomy tags by clicking on the corresponding badge (b3e0bdf)
- Implemented a function to back up the database using pg_dump. This function is automatically triggered by the
project's update command, ensuring a backup is created before any database upgrades take place. (75ee913)
Improvements
- [API] Enhanced detection of CVE, GHSA, and PySec IDs within bundle descriptions and comments.
This enables automatic identification of related vulnerabilities linked to a comment or a bundle. (2c00695, 162a599, 401d780). - Added more validation to the various attributes of the User model. (758e571, 3a1cc60)
- Simplified search page (f2c55bc)
- Improved display of tables and lists generated from Markdown (in comments and bundles) (24fa4f9, 15fe9b2)
- The ranking of the users is now taking into account the contributions of comments and bundles.
Users who have never contributed are sorted by last_seen, after the processed result. (4e4a436) - Various graphical and accessibility improvements.
Fixes
- Do not iterate over meta tags when never defined in an object (93f9966)
Funding
The NGSOTI project is dedicated to training the next generation of Security Operation Center (SOC) operators, focusing on the human aspect of cybersecurity. It underscores the significance of providing SOC operators with the necessary skills and open-source tools to address challenges such as detection engineering, incident response, and threat intelligence analysis. Involving key partners such as CIRCL, Restena, Tenzir, and the University of Luxembourg, the project aims to establish a real operational infrastructure for practical training. This initiative integrates academic curricula with industry insights, offering hands-on experience in cyber ranges.
vulnerability-lookup is co-funded by CIRCL and by the European Union. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or ECCC. Neither the European Union nor the granting authority can be held responsible for them.
Release 1.5.0
Release 1.5.0 (2024-08-30)
News
- new: Import JVN DB (Japan database of vulnerability countermeasure information).
Closes #67 - new: [commands] The dump command can now dump comments (--comments) and bundles (--bundles).
Closes #65. - new: [website] Is now possible to assign tags related to a comment.
Tags are automatically stored in the meta field of the comment. The default taxonomy used for the tags is defined in the MISP project: https://www.misp-project.org/taxonomies.html#_vulnerability_3
Improvements
- chg: [API] Added a new argument in order to let the user filter comments based on data in the meta JSON field.
- chg: [website] Filtering the list of public comments by their type (in the future with a taxonomy)
- chg: [website] Added references from the NVD meta section in the details view
- chg: [API] Added the possibility to filter bundles with a query on the meta JSONB field via the API.
Fixes
- fix: [website] Ensures that the vulnerability id has been specified by the user.
even when the user is an administrator.
Online version
If you want to test vulnerability-lookup without installing it, you can use the CIRCL public instance https://vulnerability.circl.lu/.
Funding
The NGSOTI project is dedicated to training the next generation of Security Operation Center (SOC) operators, focusing on the human aspect of cybersecurity. It underscores the significance of providing SOC operators with the necessary skills and open-source tools to address challenges such as detection engineering, incident response, and threat intelligence analysis. Involving key partners such as CIRCL, Restena, Tenzir, and the University of Luxembourg, the project aims to establish a real operational infrastructure for practical training. This initiative integrates academic curricula with industry insights, offering hands-on experience in cyber ranges.
vulnerability-lookup is co-funded by CIRCL and by the European Union. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or ECCC. Neither the European Union nor the granting authority can be held responsible for them.
Release 1.4.0
Release 1.4.0 (2024-08-02)
News
- new: [webservice] Display severity informations for vulnerabilities from GitHub, NVD and Pysec.
- new: [API] Added an endpoint to let the user regenerate the API key.
- new: [API] New endpoint to let an administrator delete a user and a new endpoint in order to return information about the currently authenticated user (GET /user/me)
- new: [API] Added new endpoint (/configInfo) which returns non-sensitive information about the configuration of the system.
Improvements
- chg: [website] Reorganization and improvements to diffenrent views that are dedicated to administrators. (27088c9)
- test suite improvements (a51a144, 88f6e25, 46775e7)
- a boolean in the config file can now specify whether two-factor authentication is enforced or not (fedf631)
Fixes
Funding
The NGSOTI project is dedicated to training the next generation of Security Operation Center (SOC) operators, focusing on the human aspect of cybersecurity. It underscores the significance of providing SOC operators with the necessary skills and open-source tools to address challenges such as detection engineering, incident response, and threat intelligence analysis. Involving key partners such as CIRCL, Restena, Tenzir, and the University of Luxembourg, the project aims to establish a real operational infrastructure for practical training. This initiative integrates academic curricula with industry insights, offering hands-on experience in cyber ranges.
vulnerability-lookup is co-funded by CIRCL and by the European Union. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or ECCC. Neither the European Union nor the granting authority can be held responsible for them.
Release 1.3.0
Release 1.3.0 (26-07-2024)
Improvements
- Vulnerability Details Page Enhancements: We've significantly enhanced the vulnerabilities details page. It now presents more relevant information and the layout has been substantially improved for a better user experience.
- API Enhancements: Various improvements have been made to the API for better performance and functionality.
- UI Enhancements: Edition/action buttons are now hidden when not logged in (#57).
- Importer Improvements: Enhancements have been made to various importers (37d3a6d).
Fixes
- Custom Vulnerability Display Bug: Fixed an issue where custom vulnerabilities were not displayed correctly (#58).
- New Vulnerability Creation Issue: Resolved the problem where new vulnerabilities couldn't be created without a CVE number (#56).
- Webservice Sorting Fix: Fixed the sorting issue of contributors versus users (46195d1).
- Minor Fixes: Various minor fixes have been implemented to improve overall stability and performance.
Funding
The NGSOTI project is dedicated to training the next generation of Security Operation Center (SOC) operators, focusing on the human aspect of cybersecurity. It underscores the significance of providing SOC operators with the necessary skills and open-source tools to address challenges such as detection engineering, incident response, and threat intelligence analysis. Involving key partners such as CIRCL, Restena, Tenzir, and the University of Luxembourg, the project aims to establish a real operational infrastructure for practical training. This initiative integrates academic curricula with industry insights, offering hands-on experience in cyber ranges.
vulnerability-lookup is co-funded by CIRCL and by the European Union. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or ECCC. Neither the European Union nor the granting authority can be held responsible for them.
vulnerability-lookup version 1.2.0 released with new bundle features, many API improvements, UI and many other improvements
vulnerability-lookup version 1.2.0 released with new bundle features, many API improvements, UI and many other improvements
Notable Changes
Bundles Management
- Introduced a new SQLAlchemy model, Bundle, for the website.
- Included migration script and automatic execution of migrations via the app
update
script. Details here.
- Included migration script and automatic execution of migrations via the app
- Added a new API endpoint for managing bundles:
- Only administrators can create, edit, and delete bundles.
- Bundles are always public.
- Added a third tab in the
vulnerability_view
page (/vuln/vuln-id
) to list bundles referencing the current vulnerability. - Introduced a new view (
/bundle/<bundle-uuid>
) presenting bundle details with a share button (Reddit, Newspipe, Pinboard).
User Profile Page
- Implemented a new column-based layout with data loaded via the API.
- Displayed recent comments and bundles owned by a user in two columns with dedicated RSS/ATOM feeds.
- Added new RSS/ATOM feeds to publish user activity (
/user/<login>.atom
or/user/<login>.rss
).
Minor Fixes
- Fixed: Name of vendors returned by
get_vendors
are now lowercase, addressing an issue in vendor search. - Fixed:
vulnerabilitylookup.get_vendors
returns lowercase results. - Various other minor fixes.
Minor Changes
- Enabled CSRF globally.
- Added a datalist refresh system in JavaScript for the freetext input field on the home page.
- Rendered Markdown code from GitHub, PySec, and VarIoT advisories.
- Backend no longer validates JSON vulnerability data sent from an admin.
- Implemented a blocklist for usernames to prevent undesirable words.
- Replaced
moment.js
withLuxon
. - Added the option to specify a vendor ID in the feed of recent vulnerabilities.
- Displayed the number of elements in each tab on the
/vuln/<vuln-id>
page. - Improved the About page.
Additional Improvements
- Enhanced the display of the
/recent
pages with better column sizing for easier readability. - Harmonized the format and data of various RSS/ATOM feeds.
- Made improvements to the users directory page.
- Made various improvements to the API, including harmonization of query parameters, result marshaling, and pagination.
- Other small changes and enhancements.
Funding
The NGSOTI project is dedicated to training the next generation of Security Operation Center (SOC) operators, focusing on the human aspect of cybersecurity. It underscores the significance of providing SOC operators with the necessary skills and open-source tools to address challenges such as detection engineering, incident response, and threat intelligence analysis. Involving key partners such as CIRCL, Restena, Tenzir, and the University of Luxembourg, the project aims to establish a real operational infrastructure for practical training. This initiative integrates academic curricula with industry insights, offering hands-on experience in cyber ranges.
vulnerability-lookup is co-funded by CIRCL and by the European Union. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or ECCC. Neither the European Union nor the granting authority can be held responsible for them.
vulnerability-lookup version 1.1.0 released with new extension RSS/ATOM support, ability to comment vulnerabilities and many other improvements
Summary of Changes in Vulnerability-Lookup v1.1.0
Main Changes:
- Comments Tab: Added a new tab for viewing and managing comments on vulnerabilities.
- RSS/ATOM Feed: Linked vulnerabilities now include an RSS/ATOM feed link.
- Admin Comments Management: Administrators can now validate or delete comments via a dedicated page.
- All Comments Page: A new page listing all comments is available at
/comments
. - User Model Update: User model now includes fields for storing names and organization.
- User Management API: Added a new endpoint (
/api/user/
) for managing users, including listing and creating user accounts. - User Profiles: Users now have individual profile pages at
/user/<login>
.
Graphical Improvements:
- Nav-Tabs Component: Introduced a nav-tabs component with tabs for related vulnerabilities and comments.
- Enhanced Pages: Improved the design of the login, signup, and password recovery pages.
- Recent Vulnerabilities Table: Made minor enhancements to the table displaying recent vulnerabilities at
/recent
.
An online version is available at the following location https://vulnerability.circl.lu/
vulnerability-lookup version 1.0.0 released with new user management interface, new VarIOT sources and vulnerability editor
vulnerability-lookup version 1.0.0 released with new user management interface, new VarIOT sources and vulnerability editor.
Vulnerability-Lookup Version 1.0.0 Released
Highlights
-
New User Management Interface:
- Added functionality for creating, validating, and managing users.
-
New VARIoT Sources:
- Integrated VARIoT source into vulnerability-lookup (API key is required).
-
Enhanced Vulnerability Editor:
- New local source feature to easily copy, edit, and publish vulnerabilities on the vulnerability-lookup instance using Vulnogram.
-
Bug Fixes and Improvements:
- Numerous bug fixes and small enhancements to improve overall performance and stability.
v0.7.0
New Features
- News feed by @cedricbonhomme in #30
- Support for CSAF sources (CERT Bund, RedHat, Siemens, CISA, CISCO, Nozomi Networks, OpenXchange, SICK)
- OSSF Malicious packages repository
- Pagination for recent vulnerabilities (API & Web)
What's Changed
- build(deps): bump actions/cache from 3 to 4 by @dependabot in #19
- Many UI improvements
- Add tests for website
New Contributors
- @cedricbonhomme made their first contribution in #30
Full Changelog: v0.6.0...v0.7.0
Release candidate with basic features
Features
- A fast lookup API to search for vulnerabilities.
- Modular system to import different vulnerability sources.
- An API for adding new vulnerability including ID assignent, state and disclosure.
Feeders
- NIST NVD CVE importer (via API 2.0)
- Cloud Security Alliance - GSD-Database (via git submodule repository)
- GitHub Advisory Database (via git submodule repository)