vulnerability-lookup version 1.2.0 released with new bundle features, many API improvements, UI and many other improvements

@adulau adulau released this 17 Jul 12:52
· 188 commits to main since this release
v1.2.0
e83ee4f

Notable Changes

Bundles Management

  • Introduced a new SQLAlchemy model, Bundle, for the website.
    • Included migration script and automatic execution of migrations via the app update script. Details here.
  • Added a new API endpoint for managing bundles:
    • Only administrators can create, edit, and delete bundles.
    • Bundles are always public.
  • Added a third tab in the vulnerability_view page (/vuln/vuln-id) to list bundles referencing the current vulnerability.
  • Introduced a new view (/bundle/<bundle-uuid>) presenting bundle details with a share button (Reddit, Newspipe, Pinboard).

User Profile Page

  • Implemented a new column-based layout with data loaded via the API.
  • Displayed recent comments and bundles owned by a user in two columns with dedicated RSS/ATOM feeds.
  • Added new RSS/ATOM feeds to publish user activity (/user/<login>.atom or /user/<login>.rss).

Minor Fixes

Minor Changes

Additional Improvements

  • Enhanced the display of the /recent pages with better column sizing for easier readability.
  • Harmonized the format and data of various RSS/ATOM feeds.
  • Made improvements to the users directory page.
  • Made various improvements to the API, including harmonization of query parameters, result marshaling, and pagination.
  • Other small changes and enhancements.

Funding

The NGSOTI project is dedicated to training the next generation of Security Operation Center (SOC) operators, focusing on the human aspect of cybersecurity. It underscores the significance of providing SOC operators with the necessary skills and open-source tools to address challenges such as detection engineering, incident response, and threat intelligence analysis. Involving key partners such as CIRCL, Restena, Tenzir, and the University of Luxembourg, the project aims to establish a real operational infrastructure for practical training. This initiative integrates academic curricula with industry insights, offering hands-on experience in cyber ranges.

vulnerability-lookup is co-funded by CIRCL and by the European Union. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or ECCC. Neither the European Union nor the granting authority can be held responsible for them.