chg: Fixed about.html layout.
Some checks failed
API Test / Python 3.11 sample (push) Has been cancelled
API Test / Python 3.12 sample (push) Has been cancelled
Models Tests / Python 3.11 sample (push) Has been cancelled
Models Tests / Python 3.12 sample (push) Has been cancelled
Deploy Jekyll with GitHub Pages dependencies preinstalled / deploy (push) Has been cancelled
CodeQL / Analyze (push) Has been cancelled
Models Tests / Python 3.10 sample (push) Has been cancelled
Deploy Jekyll with GitHub Pages dependencies preinstalled / build (push) Has been cancelled
MyPy / Python 3.10 sample (push) Has been cancelled
MyPy / Python 3.11 sample (push) Has been cancelled
MyPy / Python 3.12 sample (push) Has been cancelled
API Test / Python 3.10 sample (push) Has been cancelled

This commit is contained in:
Cédric Bonhomme 2024-11-30 16:42:47 +01:00
parent 48da116f8f
commit e8cad50cef
Signed by untrusted user who does not match committer: cedric
GPG key ID: A1CB94DE57B7A70D
2 changed files with 43 additions and 31 deletions

View file

@ -25,9 +25,9 @@ is available at [https://vulnerability.circl.lu](https://vulnerability.circl.lu)
- **Comments**: Ability to add, review and share comments on vulnerability advisories. - **Comments**: Ability to add, review and share comments on vulnerability advisories.
- **Bundles**: Possibility to create bundles of vulnerability advisories with a description. - **Bundles**: Possibility to create bundles of vulnerability advisories with a description.
- **RSS/Atom**: An extensive RSS and Atom support for vulnerabilities and comments. - **RSS/Atom**: An extensive RSS and Atom support for vulnerabilities and comments.
- **EPSS**: Integration of the Exploit Prediction Scoring System score. - **EPSS**: Integration of the Exploit Prediction Scoring System.
The official documentation is available [here](https://vulnerability.circl.lu/documentation). The official documentation is available [here](https://www.vulnerability-lookup.org/documentation).
## Sources and Feeders ## Sources and Feeders
@ -65,17 +65,9 @@ If you want to create your own sigthing tool, it's recommended to use [PyVulnera
- Recent version of Poetry - Recent version of Poetry
- [Kvrocks database](https://github.com/apache/kvrocks) - [Kvrocks database](https://github.com/apache/kvrocks)
[Installation instructions](https://vulnerability.circl.lu/documentation/installation.html) are available in the documentation. [Installation instructions](https://www.vulnerability-lookup.org/documentation/installation.html) are available in the documentation.
## Why Vulnerability-Lookup ?
Vulnerability-Lookup is a rewritten version of cve-search, an open-source tool initially aimed at maintaining a local CVE database.
The original cve-search had design and scalability limitations, and its public instance operated by CIRCL is maxing out at 20,000 queries per second.
As vulnerability sources have diversified beyond the NVD CVE, a new tool was needed to support the CVD process,
allowing for bundling, commenting, publishing, and extending vulnerability information in a collaborative manner.
## Architecture ## Architecture
![Overview of the Vulnerability-Lookup architecture](docs/_static/img/vulnerability-lookup.png) ![Overview of the Vulnerability-Lookup architecture](docs/_static/img/vulnerability-lookup.png)

View file

@ -21,10 +21,43 @@
style="max-height: 140px; margin-right: 10px;" /> style="max-height: 140px; margin-right: 10px;" />
</div> </div>
</div> </div>
<p><a href="https://github.com/cve-search/vulnerability-lookup" rel="noreferrer" target="_blank">Vulnerability-Lookup</a> facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streamlines the management of Coordinated Vulnerability Disclosure (CVD).</p> <p>
{% if config.user_accounts %}<p>Vulnerability-Lookup is also a collaborative platform where users can <a href="{{ url_for('comments_bp.list_comments') }}">comment</a> on security advisories and create <a href="{{ url_for('bundles_bp.list_bundles') }}">bundles</a>.</p> <a href="https://www.vulnerability-lookup.org" rel="noreferrer" target="_blank">Vulnerability-Lookup</a>
<p><a href="{{ url_for('user_bp.login') }}">Log in</a> or <a href="{{ url_for('user_bp.signup') }}">create an account</a> to contribute to the platform. You will receive an API token to fully utilize the <a href="{{ url_for('apiv1.doc') }}">API's features</a>.</p>{% endif %} facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs,
<h3>Sources</h3> and streamlines the management of Coordinated Vulnerability Disclosure (CVD).
</p>
{% if config.user_accounts %}
<p>Vulnerability-Lookup is also a collaborative platform where users can <a href="{{ url_for('comments_bp.list_comments') }}">comment</a> on security advisories and create <a href="{{ url_for('bundles_bp.list_bundles') }}">bundles</a>.</p>
<p><a href="{{ url_for('user_bp.login') }}">Log in</a> or <a href="{{ url_for('user_bp.signup') }}">create an account</a> to contribute to the platform. You will receive an API token to fully utilize the <a href="{{ url_for('apiv1.doc') }}">API's features</a>.</p>
{% endif %}
</div>
</div>
<br />
<div class="card">
<div class="card-header d-flex align-items-center">
<h5 id="documentation" class="mb-0">Documentation</h5>
</div>
<div class="card-body">
<p>You can read the <a href="https://vulnerability.circl.lu/documentation" rel="noreferrer" target="_blank">official documentation</a> as well as the <a href="{{ url_for('apiv1.doc') }}">documentation dedicated to the API</a>.</p>
<p>Found a bug? Report it <a href="https://github.com/cve-search/vulnerability-lookup/issues" rel="noreferrer" target="_blank">here</a>.</p>
<p>
This software is under AGPLv3 license. You are welcome to copy, modify or
redistribute the <a href="https://github.com/cve-search/vulnerability-lookup" rel="noreferrer" target="_blank">source code</a>
according to the <a href="https://www.gnu.org/licenses/agpl-3.0.html" rel="noreferrer" target="_blank">Affero GPL</a> license.
</p>
</div>
</div>
<br />
<div class="card">
<div class="card-header d-flex align-items-center">
<h5 id="about" class="mb-0 flex-grow-1">Sources</h5>
</div>
<div class="card-body">
<p>Vulnerability-Lookup consolidates vulnerabilities from multiple sources.</p> <p>Vulnerability-Lookup consolidates vulnerabilities from multiple sources.</p>
<ul class="list-group"> <ul class="list-group">
<li class="list-group-item d-flex justify-content-between align-items-center"><a href="https://github.com/CVEProject/cvelistV5" rel="noreferrer" target="_blank">CVE List v5</a> <li class="list-group-item d-flex justify-content-between align-items-center"><a href="https://github.com/CVEProject/cvelistV5" rel="noreferrer" target="_blank">CVE List v5</a>
@ -72,7 +105,8 @@
<li class="list-group-item d-flex justify-content-between align-items-center"><a href="https://tailscale.com/security-bulletins" rel="noreferrer" target="_blank">Tailscale</a> <li class="list-group-item d-flex justify-content-between align-items-center"><a href="https://tailscale.com/security-bulletins" rel="noreferrer" target="_blank">Tailscale</a>
<span class="badge bg-primary rounded-pill">{{ storage_info["db_sizes"]["tailscale"] }} vulnerabilities</span> <span class="badge bg-primary rounded-pill">{{ storage_info["db_sizes"]["tailscale"] }} vulnerabilities</span>
</li> </li>
</lu> </ul>
<br />
<h3>Formats</h3> <h3>Formats</h3>
<p> <p>
Vulnerability-Lookup supports multiple formats, offering flexibility in usage. We provide importers for various formats including Vulnerability-Lookup supports multiple formats, offering flexibility in usage. We provide importers for various formats including
@ -83,21 +117,7 @@
</p> </p>
</div> </div>
</div> </div>
<br />
<div class="card">
<div class="card-header d-flex align-items-center">
<h5 id="documentation" class="mb-0">Documentation</h5>
</div>
<div class="card-body">
<p>You can read the <a href="https://vulnerability.circl.lu/documentation" rel="noreferrer" target="_blank">official documentation</a> as well as the <a href="{{ url_for('apiv1.doc') }}">documentation dedicated to the API</a>.</p>
<p>Found a bug? Report it <a href="https://github.com/cve-search/vulnerability-lookup/issues" rel="noreferrer" target="_blank">here</a>.</p>
<p>
This software is under AGPLv3 license. You are welcome to copy, modify or
redistribute the <a href="https://github.com/cve-search/vulnerability-lookup" rel="noreferrer" target="_blank">source code</a>
according to the <a href="https://www.gnu.org/licenses/agpl-3.0.html" rel="noreferrer" target="_blank">Affero GPL</a> license.
</p>
</div>
</div>
<br /> <br />
<div class="card"> <div class="card">
<div class="card-header d-flex align-items-center"> <div class="card-header d-flex align-items-center">