Skip to content

Releases: CERTCC/VINCE

VINCE v1.50.4

30 Mar 20:27
7e4a651
Compare
Choose a tag to compare
  • UI improvements for vincetrack for search experience
  • Performance tweaks for Tickets search use $queryset.count() instead of len($queryset) when pagination is used
  • Fix HTML injection vulnerabilities reported by Rapid7 researcher Nick Sanzotta (CVE-2022-40248, CVE-2022-40257)

What's Changed

Full Changelog: v1.50.3...v1.50.4

VINCE v1.50.3

30 Mar 20:26
a68ea58
Compare
Choose a tag to compare
  • Full support for CSAF 2.0 export of vulnerability Case
  • Fix for a number of Views to avoid digit parameter confusion
  • Add view CSAF and VINCE JSON to support download of Case data in machine-readable format
  • If upgrading, make sure you verify settings.py has new variables CONTACT_PHONE ORG_POLICY_URL and ORG_AUTHORITY populated.

What's Changed

Full Changelog: v1.50.2...v1.50.3

VINCE v1.50.2

30 Mar 20:24
1e74068
Compare
Choose a tag to compare
  • Resolves issue of enumerating user_id and group_id - reported by Sharon Brizinov of Claroty Research #51
  • Removed lxml library no longer in use in requirements.txt - reported by dependabot via #38
  • Add [DISABLED] Keyword for users in inactive status in vincetrack Teams menu view.

What's Changed

New Contributors

Full Changelog: v1.50.1...v1.50.2

VINCE v1.50.1

30 Mar 20:21
b21032e
Compare
Choose a tag to compare
  • BugFix for API key generation issue. The generate_key method was disabled accidentally

What's Changed

Full Changelog: v1.50.0...v1.50.1

VINCE v1.50.0

30 Mar 20:19
Compare
Choose a tag to compare
  • New MFA reset workflow
  • Allow comments when re-assigning tickets
  • Sorting improvements on VINCEComm Dashboard
  • Add Vul Note download button in VINCETrack
  • Fixed open redirect vulnerability CVE-2022-25799 reported by Jonathan Leitschuh
  • Bug Fixes

also includes changes from Version 1.49.0

  • Contact Management Updates
  • Dependency Upgrades
  • Bug Fixes

Full Changelog: v1.48.0...v1.50.0

VINCE v1.48.0

30 Mar 14:45
Compare
Choose a tag to compare

Initial open source release of VINCE

Full Changelog: https://github.com/CERTCC/VINCE/commits/v1.48.0