Releases: daavelino/vulnerability-catalog
vulnerability-catalog-3.0.0
vulnerability-catalog-2.0.3
Now with Docker support. Take a look at
https://github.com/daavelino/vulnerability-catalog/wiki/Using-Docker-to-run-Catalog
vulnerability-catalog-2.0.2
Fixing setup.py script regarding to issue 10 #10 and pip check before build system.
vulnerability-catalog-2.0.1
Fixing setup.py script regarding to issue 10 #10.
vulnerability-catalog-2.0.0
vulnerability-catalog-2.0.0
Changes since the previous release:
-
Add Critical risk level to evaluate risks more accurately.
-
Adding tools/nessus2catalog.py script to convert CSV Nessus's exports into Catalog's JSON massive uploads. Now, you can convert your Nessus scan results from CSV to JSON and add it to Catalog via Massive Upload.
-
Adding tools/openvas2catalog.py script to convert CSV OpenVAS's exports into Catalog's JSON massive uploads. Now, you can convert your OpenVAS scan results from CSV to JSON and add it to Catalog via Massive Upload.
-
Fixing permission schemas to allow more control of what users can do.
-
Improving some Views methods for better performance and code readability.
-
Improving setup.py behavior.
-
Introduced a new engine to export Catalog data easily.
-
Vulnerability model now comes with meaningful default values. If you don't specify some of the optional values, it will be filled by meaningful data, instead of blank.
-
Risk fields have a 'Not evaluated' default value. It means that it does not need to be present when vulnerability is catalogued. So you can omit and evaluate it later.
-
Fixing some typo mistakes at detail templates.
-
Fixing some layout behavior at Home, Panorama and index pages.
-
Adding new CVSS 3.0 score chart at Panorama.
-
Adding 'Not evaluated' risk alert to the Home page."
-
Risk and CVSS calculators are now filling the calculated fields in the Add, Update and Fast Update forms.
-
Improving Massive Update check against malformed files.
-
Improving run.bat/run.sh start scripts to allow passing other urls than localhost:8000. Just do
run.bat/run.sh <fqdn/ip address>:<port>
to launch Catalog using a different address:port. But, you need to config base/settings.py first.
-
Changing redirection after Add/Update/Fast update/Delete vulnerabilities. Now, it points back to Index view, for better usability.
-
Adding text editor at Add/Update pages.
-
Adding testDataGenerator.py script to create random test data.
-
Adding OWASP category selector to Add template.
vulnerability-catalog-v1.2.0
Now add launcher scripts to Linux and Windows deploy.
After run setup.py,
to launch Catalog just do:
at Linux:
./run.sh
at Windows:
run.bat
With this new process it is not necessary to deal with Python's venv creation at deploy time. All job is performed by setup.py. Deploy and run it with just 2 commands.
Enjoy.
Introducing new homepage features to simplify data retrieval.
Now you can search for all vulnerabilities that need action by clicking on it at Home Page.
Clicking at "Waiting for solution" and "Deadline status" elements presents all vulnerabilities in such a situation at Catalog page.
Thanks to Andrea Fabrete for propose such a feature.
vulnerability-catalog-v1.0.0
Launching the Vulnerability Catalog first production version.
vulnerability-catalog-v0.2.2
Fixing run.py script and add Admin template.
vulnerability-catalog-v0.2.1
Updating Django minimal version to 2.0.3 to deal with 2 security issues.
Please, check at
https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40778
and
https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40779
to know bore about these vulnerabilities.