Release 1.4.0

Release 1.4.0 (2024-08-02)

News

• new: [webservice] Display severity informations for vulnerabilities from GitHub, NVD and Pysec.
• new: [API] Added an endpoint to let the user regenerate the API key.
• new: [API] New endpoint to let an administrator delete a user and a new endpoint in order to return information about the currently authenticated user (GET /user/me)
• new: [API] Added new endpoint (/configInfo) which returns non-sensitive information about the configuration of the system.

Improvements

• chg: [website] Reorganization and improvements to diffenrent views that are dedicated to administrators. (27088c9)
• test suite improvements (a51a144, 88f6e25, 46775e7)
• a boolean in the config file can now specify whether two-factor authentication is enforced or not (fedf631)

Fixes

• Spaces in vulnerability id in the main search box doesn't work.
• empty recent

Funding

The NGSOTI project is dedicated to training the next generation of Security Operation Center (SOC) operators, focusing on the human aspect of cybersecurity. It underscores the significance of providing SOC operators with the necessary skills and open-source tools to address challenges such as detection engineering, incident response, and threat intelligence analysis. Involving key partners such as CIRCL, Restena, Tenzir, and the University of Luxembourg, the project aims to establish a real operational infrastructure for practical training. This initiative integrates academic curricula with industry insights, offering hands-on experience in cyber ranges.

vulnerability-lookup is co-funded by CIRCL and by the European Union. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or ECCC. Neither the European Union nor the granting authority can be held responsible for them.