links to compose

ucsb-seclab · Jun 7, 2024 · b0d8b94 · b0d8b94
1 parent 9024e6d
commit b0d8b94
Show file tree

Hide file tree

Showing 12 changed files with 126 additions and 101 deletions.
diff --git a/data/cvex_data/cvex_v2.json b/data/cvex_data/cvex_v2.json
@@ -6,6 +6,7 @@
     "authors":["racheljiang310"],
     "version": 2.0,
     "domain": "ghcr.io/ucsb-seclab",
+    "link": "https://github.com/ucsb-seclab/cvex-xplor/tree/main/prototype-cvex",
     "images": ["demo/client", "demo/server", "demo/listener"],
     "description": "A Proof of Concept Demonstration of our CVEX model/framework",
     "page": "/CVEX-XPLOR/"
@@ -16,6 +17,7 @@
     "authors":["racheljiang310"],
     "version": 2.0,
     "domain": "ghcr.io/ucsb-seclab",
+    "link": "https://github.com/ucsb-seclab/cvex-xplor/blob/main/compose-files/docker-compose.cvex-2017-1000499.yml",
     "images": ["cvex-2017-1000499/client", "cvex-2017-1000499/server", "cvex-2017-1000499/db", "cvex-2017-1000499/listener"],
     "description": "phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc.",
     "page": "/CVEX-2017-1000499/"
@@ -26,6 +28,7 @@
     "authors":["racheljiang310"],
     "version": 2.0,
     "domain": "ghcr.io/ucsb-seclab",
+    "link": "https://github.com/ucsb-seclab/cvex-xplor/blob/main/compose-files/docker-compose.cvex-2023-28155.yml",
     "images": ["cvex-2023-28155/listener", "cvex-2023-28155/client", "cvex-2023-28155/bad_server", "cvex-2023-28155/php_server"],
     "description": "The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). This vulnerability only affects products that are no longer supported by the maintainer.",
     "page": "/CVEX-2023-28155/"
@@ -36,6 +39,7 @@
     "authors":["racheljiang310"],
     "version": 2.0,
     "domain": "ghcr.io/ucsb-seclab",
+    "link": "https://github.com/ucsb-seclab/cvex-xplor/blob/main/compose-files/docker-compose.cvex-2017-1000499.yml",
     "images": ["cvex-2023-31419/client","cvex-2023-31419/server","cvex-2023-31419/listener"],
     "description": "A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service.",
     "page": "/CVEX-2023-31419/"
@@ -46,6 +50,7 @@
     "authors":["racheljiang310"],
     "version": 2.0,
     "domain": "ghcr.io/ucsb-seclab",
+    "link":"https://github.com/ucsb-seclab/cvex-xplor/blob/main/compose-files/docker-compose.cvex-2023-42282.yml",
     "images": ["cvex-2023-42282/client", "cvex-2023-42282/server", "cvex-2023-42282/listener"],
     "description": "The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via isPublic.",
     "page": "/CVEX-2023-42282/"
@@ -56,6 +61,7 @@
     "authors":["racheljiang310"],
     "version": 2.0,
     "domain": "ghcr.io/ucsb-seclab",
+    "link": "https://github.com/ucsb-seclab/cvex-xplor/blob/main/compose-files/docker-compose.cvex-2024-21508.yml",
     "images": ["cvex-2023-42282/client", "cvex-2023-42282/server", "cvex-2023-42282/listener"],
     "description": "Found in versions of the mysql2 <= 3.9.4, this vulnerability allows for Remote Code Execution (RCE) through the readCodeFor function, due to improper validation of the supportBigNumbers and bigNumberStrings values. The potential impact includes high integrity and confidentiality impact, as well as high availability impact.",
     "page": "/CVEX-2024-21508/"
@@ -66,6 +72,7 @@
     "authors":["yarwinliu"],
     "version": 2.0,
     "domain": "ghcr.io/ucsb-seclab",
+    "link": "https://github.com/ucsb-seclab/cvex-xplor/tree/main/CVEX-2023-0286",
     "images": ["cvex-2024-21508/listener", "cvex-2024-21508/server", "cvex-2024-21508/client"],
     "description": "Clones openssl version 3.0.7, containing a vulnerability that attributes the wrong variable type (ASN1_TYPE rather than ASN1_STRING) to a x509 address, allowing elevation of privilege.",
     "page": "/CVEX-2023-0286/"

diff --git a/public/404.html b/public/404.html
@@ -1,18 +1,18 @@
 <!DOCTYPE html>
 <html lang="en">
-  <head><script src="/livereload.js?mindelay=10&amp;v=2&amp;port=62861&amp;path=livereload" data-no-instant defer></script>
+  <head><script src="/livereload.js?mindelay=10&amp;v=2&amp;port=1313&amp;path=livereload" data-no-instant defer></script>
 <title>404 Page not found :: Common Vulneravilities and Exposures with Exploits</title>
 <meta http-equiv="content-type" content="text/html; charset=utf-8" />
 <meta name="viewport" content="width=device-width, initial-scale=1.0" />
 <meta name="description" content="" />
 <meta name="keywords" content="" />
 <meta name="robots" content="noodp" />
-<link rel="canonical" href="http://localhost:62861/404.html" />
+<link rel="canonical" href="http://localhost:1313/404.html" />
 <meta property="og:locale" content="en" />
 <meta property="og:title" content="404 Page not found :: Common Vulneravilities and Exposures with Exploits" />
 <meta property="og:description" content="" />
   <meta property="og:type" content="website" />
-<meta property="og:url" content="http://localhost:62861/404.html" />
+<meta property="og:url" content="http://localhost:1313/404.html" />
 <meta property="og:site_name" content="Common Vulneravilities and Exposures with Exploits" />
 <meta property="og:image" content="" />
 <meta property="og:image:width" content="2048" />
@@ -28,7 +28,7 @@
   rel="stylesheet"
 />
 <link href="./404.html" rel="alternate" type="application/rss+xml" title="Common Vulneravilities and Exposures with Exploits" />
-<link rel="stylesheet" href="http://localhost:62861/styles.css" />
+<link rel="stylesheet" href="http://localhost:1313/styles.css" />
 </head>
 
   <body>
@@ -38,7 +38,7 @@
 <nav class="navbar">
   <div class="navbar__first">
     <ul class="navbar__list borders">
-      <li><a href="http://localhost:62861/">Home</a></li>
+      <li><a href="http://localhost:1313/">Home</a></li>
       <li><a href="./research/">Statement</a></li>
       <li><a href="./directoryv1/">CVEX 1.0 Directory</a></li>
       <li><a href="./directoryv2/">CVEX 2.0 Directory</a></li>
@@ -64,20 +64,20 @@
       <h1 class="post-title">404 — Page not found...</h1>
     </header>
     <p>
-      <a href="http://localhost:62861/">Back to home page&nbsp;→</a>
+      <a href="http://localhost:1313/">Back to home page&nbsp;→</a>
     </p>
   </article>
         </main>
         <footer class="site-footer">
 <p class="buildinfo">
-  <time datetime="2024-06-05 10:47:09 PDT">Site built on: 2024-06-05 10:47:09 PDT</time>
+  <time datetime="2024-06-07 00:26:22 PDT">Site built on: 2024-06-07 00:26:22 PDT</time>
 </p>
 <div class="copyright">
   <p></p>
   <nav class="navbar">
     <ul class="navbar__list">
-      <li><a href="http://localhost:62861/posts/index.xml">RSS</a></li>
-      <li><a href="http://localhost:62861/sitemap.xml">Sitemap</a></li>
+      <li><a href="http://localhost:1313/posts/index.xml">RSS</a></li>
+      <li><a href="http://localhost:1313/sitemap.xml">Sitemap</a></li>
     </ul>
   </nav>
 </div>

diff --git a/public/CVEX-2017-1000499/index.html b/public/CVEX-2017-1000499/index.html
@@ -1,21 +1,21 @@
 <!DOCTYPE html>
 <html lang="en">
-  <head><script src="/livereload.js?mindelay=10&amp;v=2&amp;port=62861&amp;path=livereload" data-no-instant defer></script>
+  <head><script src="/livereload.js?mindelay=10&amp;v=2&amp;port=1313&amp;path=livereload" data-no-instant defer></script>
 <title>CVEX-2017-1000499 :: Common Vulneravilities and Exposures with Exploits</title>
 <meta http-equiv="content-type" content="text/html; charset=utf-8" />
 <meta name="viewport" content="width=device-width, initial-scale=1.0" />
 <meta name="description" content="phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc." />
 <meta name="keywords" content="" />
 <meta name="robots" content="noodp" />
-<link rel="canonical" href="http://localhost:62861/CVEX-2017-1000499/" />
+<link rel="canonical" href="http://localhost:1313/CVEX-2017-1000499/" />
 <meta property="og:locale" content="en" />
 <meta property="og:title" content="CVEX-2017-1000499 :: Common Vulneravilities and Exposures with Exploits" />
 <meta property="og:description" content="phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc." />
   <meta property="og:type" content="article" />
     <meta property="article:published_time" content="2024-05-27 15:34:00 -0700 PDT" />
     <meta property="article:modified_time" content="2024-05-27 15:34:00 PDT" />
   <meta property="article:author" content="Common Vulneravilities and Exposures with Exploits" />
-<meta property="og:url" content="http://localhost:62861/CVEX-2017-1000499/" />
+<meta property="og:url" content="http://localhost:1313/CVEX-2017-1000499/" />
 <meta property="og:site_name" content="Common Vulneravilities and Exposures with Exploits" />
 <meta property="og:image" content="" />
 <meta property="og:image:width" content="2048" />
@@ -31,7 +31,7 @@
   rel="stylesheet"
 />
 <link href="../CVEX-2017-1000499/" rel="alternate" type="application/rss+xml" title="Common Vulneravilities and Exposures with Exploits" />
-<link rel="stylesheet" href="http://localhost:62861/styles.css" />
+<link rel="stylesheet" href="http://localhost:1313/styles.css" />
 </head>
 
   <body>
@@ -41,7 +41,7 @@
 <nav class="navbar">
   <div class="navbar__first">
     <ul class="navbar__list borders">
-      <li><a href="http://localhost:62861/">Home</a></li>
+      <li><a href="http://localhost:1313/">Home</a></li>
       <li><a href="../research/">Statement</a></li>
       <li><a href="../directoryv1/">CVEX 1.0 Directory</a></li>
       <li><a href="../directoryv2/">CVEX 2.0 Directory</a></li>
@@ -63,7 +63,7 @@
 </header>
         <main class="site-main"><article class="post">
     <header class="post-header">
-        <h1 class="post-title"><a href="http://localhost:62861/CVEX-2017-1000499/">CVEX-2017-1000499</a></h1>
+        <h1 class="post-title"><a href="http://localhost:1313/CVEX-2017-1000499/">CVEX-2017-1000499</a></h1>
         <div class="post-meta">
             <time pubdate datetime="2024-05-27 15:34:00 PDT">
               Published on
@@ -86,14 +86,14 @@ <h1 class="post-title"><a href="http://localhost:62861/CVEX-2017-1000499/">CVEX-
         </main>
         <footer class="site-footer">
 <p class="buildinfo">
-  <time datetime="2024-06-05 10:47:09 PDT">Site built on: 2024-06-05 10:47:09 PDT</time>
+  <time datetime="2024-06-07 00:26:22 PDT">Site built on: 2024-06-07 00:26:22 PDT</time>
 </p>
 <div class="copyright">
   <p></p>
   <nav class="navbar">
     <ul class="navbar__list">
-      <li><a href="http://localhost:62861/posts/index.xml">RSS</a></li>
-      <li><a href="http://localhost:62861/sitemap.xml">Sitemap</a></li>
+      <li><a href="http://localhost:1313/posts/index.xml">RSS</a></li>
+      <li><a href="http://localhost:1313/sitemap.xml">Sitemap</a></li>
     </ul>
   </nav>
 </div>

diff --git a/public/CVEX-2023-28155/index.html b/public/CVEX-2023-28155/index.html
@@ -1,21 +1,21 @@
 <!DOCTYPE html>
 <html lang="en">
-  <head><script src="/livereload.js?mindelay=10&amp;v=2&amp;port=62861&amp;path=livereload" data-no-instant defer></script>
+  <head><script src="/livereload.js?mindelay=10&amp;v=2&amp;port=1313&amp;path=livereload" data-no-instant defer></script>
 <title>CVEX-2023-28155 :: Common Vulneravilities and Exposures with Exploits</title>
 <meta http-equiv="content-type" content="text/html; charset=utf-8" />
 <meta name="viewport" content="width=device-width, initial-scale=1.0" />
 <meta name="description" content="The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). This vulnerability only affects products that are no longer supported by the maintainer." />
 <meta name="keywords" content="" />
 <meta name="robots" content="noodp" />
-<link rel="canonical" href="http://localhost:62861/CVEX-2023-28155/" />
+<link rel="canonical" href="http://localhost:1313/CVEX-2023-28155/" />
 <meta property="og:locale" content="en" />
 <meta property="og:title" content="CVEX-2023-28155 :: Common Vulneravilities and Exposures with Exploits" />
 <meta property="og:description" content="The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). This vulnerability only affects products that are no longer supported by the maintainer." />
   <meta property="og:type" content="article" />
     <meta property="article:published_time" content="2024-05-27 15:34:00 -0700 PDT" />
     <meta property="article:modified_time" content="2024-05-27 15:34:00 PDT" />
   <meta property="article:author" content="Common Vulneravilities and Exposures with Exploits" />
-<meta property="og:url" content="http://localhost:62861/CVEX-2023-28155/" />
+<meta property="og:url" content="http://localhost:1313/CVEX-2023-28155/" />
 <meta property="og:site_name" content="Common Vulneravilities and Exposures with Exploits" />
 <meta property="og:image" content="" />
 <meta property="og:image:width" content="2048" />
@@ -31,7 +31,7 @@
   rel="stylesheet"
 />
 <link href="../CVEX-2023-28155/" rel="alternate" type="application/rss+xml" title="Common Vulneravilities and Exposures with Exploits" />
-<link rel="stylesheet" href="http://localhost:62861/styles.css" />
+<link rel="stylesheet" href="http://localhost:1313/styles.css" />
 </head>
 
   <body>
@@ -41,7 +41,7 @@
 <nav class="navbar">
   <div class="navbar__first">
     <ul class="navbar__list borders">
-      <li><a href="http://localhost:62861/">Home</a></li>
+      <li><a href="http://localhost:1313/">Home</a></li>
       <li><a href="../research/">Statement</a></li>
       <li><a href="../directoryv1/">CVEX 1.0 Directory</a></li>
       <li><a href="../directoryv2/">CVEX 2.0 Directory</a></li>
@@ -63,7 +63,7 @@
 </header>
         <main class="site-main"><article class="post">
     <header class="post-header">
-        <h1 class="post-title"><a href="http://localhost:62861/CVEX-2023-28155/">CVEX-2023-28155</a></h1>
+        <h1 class="post-title"><a href="http://localhost:1313/CVEX-2023-28155/">CVEX-2023-28155</a></h1>
         <div class="post-meta">
             <time pubdate datetime="2024-05-27 15:34:00 PDT">
               Published on
@@ -86,14 +86,14 @@ <h1 class="post-title"><a href="http://localhost:62861/CVEX-2023-28155/">CVEX-20
         </main>
         <footer class="site-footer">
 <p class="buildinfo">
-  <time datetime="2024-06-05 10:47:09 PDT">Site built on: 2024-06-05 10:47:09 PDT</time>
+  <time datetime="2024-06-07 00:26:22 PDT">Site built on: 2024-06-07 00:26:22 PDT</time>
 </p>
 <div class="copyright">
   <p></p>
   <nav class="navbar">
     <ul class="navbar__list">
-      <li><a href="http://localhost:62861/posts/index.xml">RSS</a></li>
-      <li><a href="http://localhost:62861/sitemap.xml">Sitemap</a></li>
+      <li><a href="http://localhost:1313/posts/index.xml">RSS</a></li>
+      <li><a href="http://localhost:1313/sitemap.xml">Sitemap</a></li>
     </ul>
   </nav>
 </div>

diff --git a/public/CVEX-2023-31419/index.html b/public/CVEX-2023-31419/index.html
@@ -1,21 +1,21 @@
 <!DOCTYPE html>
 <html lang="en">
-  <head><script src="/livereload.js?mindelay=10&amp;v=2&amp;port=62861&amp;path=livereload" data-no-instant defer></script>
+  <head><script src="/livereload.js?mindelay=10&amp;v=2&amp;port=1313&amp;path=livereload" data-no-instant defer></script>
 <title>CVEX-2023-31419 :: Common Vulneravilities and Exposures with Exploits</title>
 <meta http-equiv="content-type" content="text/html; charset=utf-8" />
 <meta name="viewport" content="width=device-width, initial-scale=1.0" />
 <meta name="description" content="A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service." />
 <meta name="keywords" content="" />
 <meta name="robots" content="noodp" />
-<link rel="canonical" href="http://localhost:62861/CVEX-2023-31419/" />
+<link rel="canonical" href="http://localhost:1313/CVEX-2023-31419/" />
 <meta property="og:locale" content="en" />
 <meta property="og:title" content="CVEX-2023-31419 :: Common Vulneravilities and Exposures with Exploits" />
 <meta property="og:description" content="A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service." />
   <meta property="og:type" content="article" />
     <meta property="article:published_time" content="2024-05-27 15:34:00 -0700 PDT" />
     <meta property="article:modified_time" content="2024-05-27 15:34:00 PDT" />
   <meta property="article:author" content="Common Vulneravilities and Exposures with Exploits" />
-<meta property="og:url" content="http://localhost:62861/CVEX-2023-31419/" />
+<meta property="og:url" content="http://localhost:1313/CVEX-2023-31419/" />
 <meta property="og:site_name" content="Common Vulneravilities and Exposures with Exploits" />
 <meta property="og:image" content="" />
 <meta property="og:image:width" content="2048" />
@@ -31,7 +31,7 @@
   rel="stylesheet"
 />
 <link href="../CVEX-2023-31419/" rel="alternate" type="application/rss+xml" title="Common Vulneravilities and Exposures with Exploits" />
-<link rel="stylesheet" href="http://localhost:62861/styles.css" />
+<link rel="stylesheet" href="http://localhost:1313/styles.css" />
 </head>
 
   <body>
@@ -41,7 +41,7 @@
 <nav class="navbar">
   <div class="navbar__first">
     <ul class="navbar__list borders">
-      <li><a href="http://localhost:62861/">Home</a></li>
+      <li><a href="http://localhost:1313/">Home</a></li>
       <li><a href="../research/">Statement</a></li>
       <li><a href="../directoryv1/">CVEX 1.0 Directory</a></li>
       <li><a href="../directoryv2/">CVEX 2.0 Directory</a></li>
@@ -63,7 +63,7 @@
 </header>
         <main class="site-main"><article class="post">
     <header class="post-header">
-        <h1 class="post-title"><a href="http://localhost:62861/CVEX-2023-31419/">CVEX-2023-31419</a></h1>
+        <h1 class="post-title"><a href="http://localhost:1313/CVEX-2023-31419/">CVEX-2023-31419</a></h1>
         <div class="post-meta">
             <time pubdate datetime="2024-05-27 15:34:00 PDT">
               Published on
@@ -86,14 +86,14 @@ <h1 class="post-title"><a href="http://localhost:62861/CVEX-2023-31419/">CVEX-20
         </main>
         <footer class="site-footer">
 <p class="buildinfo">
-  <time datetime="2024-06-05 10:47:09 PDT">Site built on: 2024-06-05 10:47:09 PDT</time>
+  <time datetime="2024-06-07 00:26:22 PDT">Site built on: 2024-06-07 00:26:22 PDT</time>
 </p>
 <div class="copyright">
   <p></p>
   <nav class="navbar">
     <ul class="navbar__list">
-      <li><a href="http://localhost:62861/posts/index.xml">RSS</a></li>
-      <li><a href="http://localhost:62861/sitemap.xml">Sitemap</a></li>
+      <li><a href="http://localhost:1313/posts/index.xml">RSS</a></li>
+      <li><a href="http://localhost:1313/sitemap.xml">Sitemap</a></li>
     </ul>
   </nav>
 </div>