This repository was archived by the owner on Oct 4, 2023. It is now read-only.

vulnerability-catalog-2.0.0

@daavelino daavelino released this 03 Jul 17:14
· 101 commits to master since this release

Changes since the previous release:

  • Add Critical risk level to evaluate risks more accurately.

  • Adding the tools/nessus2catalog.py script to convert Nessus CSV exports into Catalog's JSON format for Massive Upload. You can now convert your Nessus scan results from CSV to JSON and add them to Catalog via Massive Upload.

  • Adding the tools/openvas2catalog.py script to convert OpenVAS CSV exports into Catalog's JSON format for Massive Upload. You can now convert your OpenVAS scan results from CSV to JSON and add them to Catalog via Massive Upload.

  • Fixing permission schemas to allow more control of what users can do.

  • Improving some Views methods for better performance and code readability.

  • Improving setup.py behavior.

  • Introduced a new engine to export Catalog data easily.

  • The Vulnerability model now comes with meaningful default values. If you don't specify some of the optional values, they are filled with meaningful data instead of being left blank.

  • Risk fields have a 'Not evaluated' default value. This means a risk value does not need to be present when a vulnerability is catalogued, so you can omit it and evaluate it later.

  • Fixing some typos in the detail templates.

  • Fixing some layout behavior on the Home, Panorama and Index pages.

  • Adding new CVSS 3.0 score chart at Panorama.

  • Adding a 'Not evaluated' risk alert to the Home page.

  • The Risk and CVSS calculators now fill the calculated fields in the Add, Update and Fast Update forms.

  • Improving Massive Update check against malformed files.

  • Improving the run.bat/run.sh start scripts to accept URLs other than localhost:8000. Just run

run.bat/run.sh <fqdn/ip address>:<port>

to launch Catalog using a different address:port. You need to configure base/settings.py first.

  • Changing the redirection after Add/Update/Fast Update/Delete of vulnerabilities. It now points back to the Index view, for better usability.

  • Adding a text editor to the Add/Update pages.

  • Adding the testDataGenerator.py script to create random test data.

  • Adding an OWASP category selector to the Add template.