Release 1.4.0

Release 1.4.0 (2024-08-02)

News

• new: [webservice] Display severity informations for vulnerabilities from GitHub, NVD and Pysec.
• new: [API] Added an endpoint to let the user regenerate the API key.
• new: [API] New endpoint to let an administrator delete a user and a new endpoint in order to return information about the currently authenticated user (GET /user/me)
• new: [API] Added new endpoint (/configInfo) which returns non-sensitive information about the configuration of the system.

Improvements

• chg: [website] Reorganization and improvements to diffenrent views that are dedicated to administrators. (27088c9)
• test suite improvements (a51a144, 88f6e25, 46775e7)
• a boolean in the config file can now specify whether two-factor authentication is enforced or not (fedf631)

Fixes

• Spaces in vulnerability id in the main search box doesn't work.
• empty recent

Funding

The NGSOTI project is dedicated to training the next generation of Security Operation Center (SOC) operators, focusing on the human aspect of cybersecurity. It underscores the significance of providing SOC operators with the necessary skills and open-source tools to address challenges such as detection engineering, incident response, and threat intelligence analysis. Involving key partners such as CIRCL, Restena, Tenzir, and the University of Luxembourg, the project aims to establish a real operational infrastructure for practical training. This initiative integrates academic curricula with industry insights, offering hands-on experience in cyber ranges.

vulnerability-lookup is co-funded by CIRCL and by the European Union. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or ECCC. Neither the European Union nor the granting authority can be held responsible for them.

Release 1.3.0

Release 1.3.0 (26-07-2024)

Improvements

• Vulnerability Details Page Enhancements: We've significantly enhanced the vulnerabilities details page. It now presents more relevant information and the layout has been substantially improved for a better user experience.
• API Enhancements: Various improvements have been made to the API for better performance and functionality.
• UI Enhancements: Edition/action buttons are now hidden when not logged in (#57).
• Importer Improvements: Enhancements have been made to various importers (37d3a6d).

Fixes

• Custom Vulnerability Display Bug: Fixed an issue where custom vulnerabilities were not displayed correctly (#58).
• New Vulnerability Creation Issue: Resolved the problem where new vulnerabilities couldn't be created without a CVE number (#56).
• Webservice Sorting Fix: Fixed the sorting issue of contributors versus users (46195d1).
• Minor Fixes: Various minor fixes have been implemented to improve overall stability and performance.

Funding

The NGSOTI project is dedicated to training the next generation of Security Operation Center (SOC) operators, focusing on the human aspect of cybersecurity. It underscores the significance of providing SOC operators with the necessary skills and open-source tools to address challenges such as detection engineering, incident response, and threat intelligence analysis. Involving key partners such as CIRCL, Restena, Tenzir, and the University of Luxembourg, the project aims to establish a real operational infrastructure for practical training. This initiative integrates academic curricula with industry insights, offering hands-on experience in cyber ranges.

vulnerability-lookup is co-funded by CIRCL and by the European Union. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or ECCC. Neither the European Union nor the granting authority can be held responsible for them.

vulnerability-lookup version 1.2.0 released with new bundle features, many API improvements, UI and many other improvements

vulnerability-lookup version 1.2.0 released with new bundle features, many API improvements, UI and many other improvements

Notable Changes

Bundles Management

• Introduced a new SQLAlchemy model, Bundle, for the website.
  • Included migration script and automatic execution of migrations via the app update script. Details here.
• Added a new API endpoint for managing bundles:
  • Only administrators can create, edit, and delete bundles.
  • Bundles are always public.
• Added a third tab in the vulnerability_view page (/vuln/vuln-id) to list bundles referencing the current vulnerability.
• Introduced a new view (/bundle/<bundle-uuid>) presenting bundle details with a share button (Reddit, Newspipe, Pinboard).

User Profile Page

• Implemented a new column-based layout with data loaded via the API.
• Displayed recent comments and bundles owned by a user in two columns with dedicated RSS/ATOM feeds.
• Added new RSS/ATOM feeds to publish user activity (/user/<login>.atom or /user/<login>.rss).

Minor Fixes

• Fixed: Name of vendors returned by get_vendors are now lowercase, addressing an issue in vendor search.
• Fixed: vulnerabilitylookup.get_vendors returns lowercase results.
• Various other minor fixes.

Minor Changes

• Enabled CSRF globally.
• Added a datalist refresh system in JavaScript for the freetext input field on the home page.
• Rendered Markdown code from GitHub, PySec, and VarIoT advisories.
• Backend no longer validates JSON vulnerability data sent from an admin.
• Implemented a blocklist for usernames to prevent undesirable words.
• Replaced moment.js with Luxon.
• Added the option to specify a vendor ID in the feed of recent vulnerabilities.
• Displayed the number of elements in each tab on the /vuln/<vuln-id> page.
• Improved the About page.

Additional Improvements

• Enhanced the display of the /recent pages with better column sizing for easier readability.
• Harmonized the format and data of various RSS/ATOM feeds.
• Made improvements to the users directory page.
• Made various improvements to the API, including harmonization of query parameters, result marshaling, and pagination.
• Other small changes and enhancements.

Funding

The NGSOTI project is dedicated to training the next generation of Security Operation Center (SOC) operators, focusing on the human aspect of cybersecurity. It underscores the significance of providing SOC operators with the necessary skills and open-source tools to address challenges such as detection engineering, incident response, and threat intelligence analysis. Involving key partners such as CIRCL, Restena, Tenzir, and the University of Luxembourg, the project aims to establish a real operational infrastructure for practical training. This initiative integrates academic curricula with industry insights, offering hands-on experience in cyber ranges.

vulnerability-lookup is co-funded by CIRCL and by the European Union. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or ECCC. Neither the European Union nor the granting authority can be held responsible for them.

vulnerability-lookup version 1.1.0 released with new extension RSS/ATOM support, ability to comment vulnerabilities and many other improvements

Summary of Changes in Vulnerability-Lookup v1.1.0

Main Changes:

• Comments Tab: Added a new tab for viewing and managing comments on vulnerabilities.
• RSS/ATOM Feed: Linked vulnerabilities now include an RSS/ATOM feed link.
• Admin Comments Management: Administrators can now validate or delete comments via a dedicated page.
• All Comments Page: A new page listing all comments is available at /comments.
• User Model Update: User model now includes fields for storing names and organization.
• User Management API: Added a new endpoint (/api/user/) for managing users, including listing and creating user accounts.
• User Profiles: Users now have individual profile pages at /user/<login>.

Graphical Improvements:

• Nav-Tabs Component: Introduced a nav-tabs component with tabs for related vulnerabilities and comments.
• Enhanced Pages: Improved the design of the login, signup, and password recovery pages.
• Recent Vulnerabilities Table: Made minor enhancements to the table displaying recent vulnerabilities at /recent.

An online version is available at the following location https://vulnerability.circl.lu/

vulnerability-lookup version 1.0.0 released with new user management interface, new VarIOT sources and vulnerability editor

vulnerability-lookup version 1.0.0 released with new user management interface, new VarIOT sources and vulnerability editor.

Vulnerability-Lookup Version 1.0.0 Released

Highlights

• New User Management Interface:

  • Added functionality for creating, validating, and managing users.

• New VARIoT Sources:

  • Integrated VARIoT source into vulnerability-lookup (API key is required).

• Enhanced Vulnerability Editor:

  • New local source feature to easily copy, edit, and publish vulnerabilities on the vulnerability-lookup instance using Vulnogram.

• Bug Fixes and Improvements:

  • Numerous bug fixes and small enhancements to improve overall performance and stability.

v0.7.0

New Features

• News feed by @cedricbonhomme in #30
• Support for CSAF sources (CERT Bund, RedHat, Siemens, CISA, CISCO, Nozomi Networks, OpenXchange, SICK)
• OSSF Malicious packages repository
• Pagination for recent vulnerabilities (API & Web)

What's Changed

• build(deps): bump actions/cache from 3 to 4 by @dependabot in #19
• Many UI improvements
• Add tests for website

New Contributors

• @cedricbonhomme made their first contribution in #30

Full Changelog: v0.6.0...v0.7.0

Release candidate with basic features

Features

• A fast lookup API to search for vulnerabilities.
• Modular system to import different vulnerability sources.
• An API for adding new vulnerability including ID assignent, state and disclosure.

Feeders

• NIST NVD CVE importer (via API 2.0)
• Cloud Security Alliance - GSD-Database (via git submodule repository)
• GitHub Advisory Database (via git submodule repository)