Skip to content
This repository has been archived by the owner on Oct 16, 2024. It is now read-only.

Commit

Permalink
cvex dir2 update
Browse files Browse the repository at this point in the history
  • Loading branch information
@racheljiang310
racheljiang310 committed Jun 2, 2024
1 parent e7cfd28 commit b65558c
Show file tree
Hide file tree
Showing 10 changed files with 119 additions and 38 deletions.
71 changes: 68 additions & 3 deletions data/cvex_data/cvex_v2.json
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,74 @@
{
"cvex_v2_directory" : [
{
"cveid": "todo",
"cvexid": "todo",
"authors":["todo"]
"cveid": "CVE-XPLOR",
"cvexid": "CVEX-XPLOR",
"authors":["racheljiang310"],
"version": 2.0,
"domain": "ghcr.io/ucsb-seclab",
"images": ["demo/client", "demo/server", "demo/listener"],
"description": "A Proof of Concept Demonstration of our CVEX model/framework",
"page": "/CVEX-XPLOR/"
},
{
"cveid": "CVE-2017-1000499",
"cvexid": "CVEX-2017-1000499",
"authors":["racheljiang310"],
"version": 2.0,
"domain": "ghcr.io/ucsb-seclab",
"images": ["cvex-2017-1000499/client", "cvex-2017-1000499/server", "cvex-2017-1000499/db", "cvex-2017-1000499/listener"],
"description": "phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc.",
"page": "/CVEX-2017-1000499/"
},
{
"cveid": "CVE-2023-28155",
"cvexid": "CVEX-2023-28155",
"authors":["racheljiang310"],
"version": 2.0,
"domain": "ghcr.io/ucsb-seclab",
"images": ["cvex-2023-28155/listener", "cvex-2023-28155/client", "cvex-2023-28155/bad_server", "cvex-2023-28155/php_server"],
"description": "The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). This vulnerability only affects products that are no longer supported by the maintainer.",
"page": "/CVEX-2023-28155/"
},
{
"cveid": "CVE-2023-31419",
"cvexid": "CVEX-2023-31419",
"authors":["racheljiang310"],
"version": 2.0,
"domain": "ghcr.io/ucsb-seclab",
"images": ["cvex-2023-31419/client","cvex-2023-31419/server","cvex-2023-31419/listener"],
"description": "A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service.",
"page": "/CVEX-2023-31419/"
},
{
"cveid": "CVE-2023-42282",
"cvexid": "CVEX-2023-42282",
"authors":["racheljiang310"],
"version": 2.0,
"domain": "ghcr.io/ucsb-seclab",
"images": ["cvex-2023-42282/client", "cvex-2023-42282/server", "cvex-2023-42282/listener"],
"description": "The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via isPublic.",
"page": "/CVEX-2023-42282/"
},
{
"cveid": "CVE-2024-21508",
"cvexid": "CVEX-2024-21508",
"authors":["racheljiang310"],
"version": 2.0,
"domain": "ghcr.io/ucsb-seclab",
"images": ["cvex-2023-42282/client", "cvex-2023-42282/server", "cvex-2023-42282/listener"],
"description": "Found in versions of the mysql2 <= 3.9.4, this vulnerability allows for Remote Code Execution (RCE) through the readCodeFor function, due to improper validation of the supportBigNumbers and bigNumberStrings values. The potential impact includes high integrity and confidentiality impact, as well as high availability impact.",
"page": "/CVEX-2024-21508/"
},
{
"cveid": "CVE-2023-0286",
"cvexid": "CVEX-2023-0286",
"authors":["yarwinliu"],
"version": 2.0,
"domain": "ghcr.io/ucsb-seclab",
"images": ["cvex-2024-21508/listener", "cvex-2024-21508/server", "cvex-2024-21508/client"],
"description": "Clones openssl version 3.0.7, containing a vulnerability that attributes the wrong variable type (ASN1_TYPE rather than ASN1_STRING) to a x509 address, allowing elevation of privilege.",
"page": "/CVEX-2023-0286/"
}
]
}
Expand Down
9 changes: 5 additions & 4 deletions public/404.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,9 +39,10 @@
<div class="navbar__first">
<ul class="navbar__list borders">
<li><a href="http://localhost:1313/">Home</a></li>
<li><a href="./directoryv1/">CVEXv1.0 Directory</a></li>
<li><a href="./directoryv2/">CVEXv2.0 Directory</a></li>
<li><a href="./research/">Research Initiative</a></li>
<li><a href="./research/">Statement</a></li>
<li><a href="./directoryv1/">CVEX 1.0 Directory</a></li>
<li><a href="./directoryv2/">CVEX 2.0 Directory</a></li>

<li>
<button class="theme-toggle transparent"><svg class="theme-toggler" width="24" height="24" viewBox="0 0 48 48" fill="none" xmlns="http://www.w3.org/2000/svg">
<path
Expand Down Expand Up @@ -69,7 +70,7 @@ <h1 class="post-title">404 — Page not found...</h1>
</main>
<footer class="site-footer">
<p class="buildinfo">
<time datetime="2024-06-02 15:13:16 PDT">Site built on: 2024-06-02 15:13:16 PDT</time>
<time datetime="2024-06-02 15:48:55 PDT">Site built on: 2024-06-02 15:48:55 PDT</time>
</p>
<div class="copyright">
<p></p>
Expand Down
9 changes: 5 additions & 4 deletions public/CVEX-2017-1000499/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,9 +42,10 @@
<div class="navbar__first">
<ul class="navbar__list borders">
<li><a href="http://localhost:1313/">Home</a></li>
<li><a href="../directoryv1/">CVEXv1.0 Directory</a></li>
<li><a href="../directoryv2/">CVEXv2.0 Directory</a></li>
<li><a href="../research/">Research Initiative</a></li>
<li><a href="../research/">Statement</a></li>
<li><a href="../directoryv1/">CVEX 1.0 Directory</a></li>
<li><a href="../directoryv2/">CVEX 2.0 Directory</a></li>

<li>
<button class="theme-toggle transparent"><svg class="theme-toggler" width="24" height="24" viewBox="0 0 48 48" fill="none" xmlns="http://www.w3.org/2000/svg">
<path
Expand Down Expand Up @@ -85,7 +86,7 @@ <h1 class="post-title"><a href="http://localhost:1313/CVEX-2017-1000499/">CVEX-2
</main>
<footer class="site-footer">
<p class="buildinfo">
<time datetime="2024-06-02 15:13:16 PDT">Site built on: 2024-06-02 15:13:16 PDT</time>
<time datetime="2024-06-02 15:48:55 PDT">Site built on: 2024-06-02 15:48:55 PDT</time>
</p>
<div class="copyright">
<p></p>
Expand Down
9 changes: 5 additions & 4 deletions public/CVEX-2023-28155/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,9 +42,10 @@
<div class="navbar__first">
<ul class="navbar__list borders">
<li><a href="http://localhost:1313/">Home</a></li>
<li><a href="../directoryv1/">CVEXv1.0 Directory</a></li>
<li><a href="../directoryv2/">CVEXv2.0 Directory</a></li>
<li><a href="../research/">Research Initiative</a></li>
<li><a href="../research/">Statement</a></li>
<li><a href="../directoryv1/">CVEX 1.0 Directory</a></li>
<li><a href="../directoryv2/">CVEX 2.0 Directory</a></li>

<li>
<button class="theme-toggle transparent"><svg class="theme-toggler" width="24" height="24" viewBox="0 0 48 48" fill="none" xmlns="http://www.w3.org/2000/svg">
<path
Expand Down Expand Up @@ -85,7 +86,7 @@ <h1 class="post-title"><a href="http://localhost:1313/CVEX-2023-28155/">CVEX-202
</main>
<footer class="site-footer">
<p class="buildinfo">
<time datetime="2024-06-02 15:13:16 PDT">Site built on: 2024-06-02 15:13:16 PDT</time>
<time datetime="2024-06-02 15:48:55 PDT">Site built on: 2024-06-02 15:48:55 PDT</time>
</p>
<div class="copyright">
<p></p>
Expand Down
9 changes: 5 additions & 4 deletions public/CVEX-2023-31419/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,9 +42,10 @@
<div class="navbar__first">
<ul class="navbar__list borders">
<li><a href="http://localhost:1313/">Home</a></li>
<li><a href="../directoryv1/">CVEXv1.0 Directory</a></li>
<li><a href="../directoryv2/">CVEXv2.0 Directory</a></li>
<li><a href="../research/">Research Initiative</a></li>
<li><a href="../research/">Statement</a></li>
<li><a href="../directoryv1/">CVEX 1.0 Directory</a></li>
<li><a href="../directoryv2/">CVEX 2.0 Directory</a></li>

<li>
<button class="theme-toggle transparent"><svg class="theme-toggler" width="24" height="24" viewBox="0 0 48 48" fill="none" xmlns="http://www.w3.org/2000/svg">
<path
Expand Down Expand Up @@ -85,7 +86,7 @@ <h1 class="post-title"><a href="http://localhost:1313/CVEX-2023-31419/">CVEX-202
</main>
<footer class="site-footer">
<p class="buildinfo">
<time datetime="2024-06-02 15:13:16 PDT">Site built on: 2024-06-02 15:13:16 PDT</time>
<time datetime="2024-06-02 15:48:55 PDT">Site built on: 2024-06-02 15:48:55 PDT</time>
</p>
<div class="copyright">
<p></p>
Expand Down
9 changes: 5 additions & 4 deletions public/categories/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,9 +39,10 @@
<div class="navbar__first">
<ul class="navbar__list borders">
<li><a href="http://localhost:1313/">Home</a></li>
<li><a href="../directoryv1/">CVEXv1.0 Directory</a></li>
<li><a href="../directoryv2/">CVEXv2.0 Directory</a></li>
<li><a href="../research/">Research Initiative</a></li>
<li><a href="../research/">Statement</a></li>
<li><a href="../directoryv1/">CVEX 1.0 Directory</a></li>
<li><a href="../directoryv2/">CVEX 2.0 Directory</a></li>

<li>
<button class="theme-toggle transparent"><svg class="theme-toggler" width="24" height="24" viewBox="0 0 48 48" fill="none" xmlns="http://www.w3.org/2000/svg">
<path
Expand Down Expand Up @@ -70,7 +71,7 @@ <h1 class="post-title">
</main>
<footer class="site-footer">
<p class="buildinfo">
<time datetime="2024-06-02 15:13:16 PDT">Site built on: 2024-06-02 15:13:16 PDT</time>
<time datetime="2024-06-02 15:48:55 PDT">Site built on: 2024-06-02 15:48:55 PDT</time>
</p>
<div class="copyright">
<p></p>
Expand Down
9 changes: 5 additions & 4 deletions public/cvex/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,9 +39,10 @@
<div class="navbar__first">
<ul class="navbar__list borders">
<li><a href="http://localhost:1313/">Home</a></li>
<li><a href="../directoryv1/">CVEXv1.0 Directory</a></li>
<li><a href="../directoryv2/">CVEXv2.0 Directory</a></li>
<li><a href="../research/">Research Initiative</a></li>
<li><a href="../research/">Statement</a></li>
<li><a href="../directoryv1/">CVEX 1.0 Directory</a></li>
<li><a href="../directoryv2/">CVEX 2.0 Directory</a></li>

<li>
<button class="theme-toggle transparent"><svg class="theme-toggler" width="24" height="24" viewBox="0 0 48 48" fill="none" xmlns="http://www.w3.org/2000/svg">
<path
Expand Down Expand Up @@ -80,7 +81,7 @@ <h2>See</h2><div class="post-entries">
</main>
<footer class="site-footer">
<p class="buildinfo">
<time datetime="2024-06-02 15:13:16 PDT">Site built on: 2024-06-02 15:13:16 PDT</time>
<time datetime="2024-06-02 15:48:55 PDT">Site built on: 2024-06-02 15:48:55 PDT</time>
</p>
<div class="copyright">
<p></p>
Expand Down
2 changes: 1 addition & 1 deletion public/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -90,7 +90,7 @@ <h3 id="what-is-a-cvex">
</main>
<footer class="site-footer">
<p class="buildinfo">
<time datetime="2024-06-02 15:14:21 PDT">Site built on: 2024-06-02 15:14:21 PDT</time>
<time datetime="2024-06-02 15:48:55 PDT">Site built on: 2024-06-02 15:48:55 PDT</time>
</p>
<div class="copyright">
<p></p>
Expand Down
9 changes: 5 additions & 4 deletions public/tags/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,9 +39,10 @@
<div class="navbar__first">
<ul class="navbar__list borders">
<li><a href="http://localhost:1313/">Home</a></li>
<li><a href="../directoryv1/">CVEXv1.0 Directory</a></li>
<li><a href="../directoryv2/">CVEXv2.0 Directory</a></li>
<li><a href="../research/">Research Initiative</a></li>
<li><a href="../research/">Statement</a></li>
<li><a href="../directoryv1/">CVEX 1.0 Directory</a></li>
<li><a href="../directoryv2/">CVEX 2.0 Directory</a></li>

<li>
<button class="theme-toggle transparent"><svg class="theme-toggler" width="24" height="24" viewBox="0 0 48 48" fill="none" xmlns="http://www.w3.org/2000/svg">
<path
Expand Down Expand Up @@ -70,7 +71,7 @@ <h1 class="post-title">
</main>
<footer class="site-footer">
<p class="buildinfo">
<time datetime="2024-06-02 15:13:16 PDT">Site built on: 2024-06-02 15:13:16 PDT</time>
<time datetime="2024-06-02 15:48:55 PDT">Site built on: 2024-06-02 15:48:55 PDT</time>
</p>
<div class="copyright">
<p></p>
Expand Down
21 changes: 15 additions & 6 deletions themes/hugo-xterm/layouts/_default/directory2.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,12 +15,21 @@ <h5>{{- with .Content }}
{{ . }}
{{- end }}</h5>

{{ range $.Site.Data.cvex_data.cvex_v2.cvex_v2_directory }}
<strong>{{.cveid}}</strong>: {{ .cvexid }}
<ul>
<li>Authors: {{ delimit .authors ", " }}</li>
</ul>
{{ end }}
<table>
<tr>
<th style="width:20%"><strong>CVEX</strong></th>
<th style="width:50%"><strong>Description</strong></th>
<th style="width:30%"><strong>Images</strong></th>
</tr>
{{ range $.Site.Data.cvex_data.cvex_v2.cvex_v2_directory }}
<tr>
<td><tt>{{ .cveid }}</tt></td>
<!-- <td><tt><a href={{.cvexid}}>{{.cvexid}}</a></tt></td> -->
<td><strong>Author |</strong> <tt>{{ delimit .authors ", " }}</tt> <br> {{.description}}</td>
<td><strong>Domain | </strong>{{.domain}}<br><details><small><tt>{{ range .images }}{{.}}<br>{{end}}</tt></small></details></td>
</tr>
{{- end}}
</table>
</div>

<footer class="post-footer">
Expand Down

0 comments on commit b65558c

Please sign in to comment.