Vulnerability-Lookup 2.9.0 - MITRE EMB3D, GCVE
Vulnerability-Lookup 2.9.0 - MITRE EMB3D, GCVE
Vulnerability-Lookup 2.9.0 released
Today we released Vulnerability-Lookup 2.9.0 with new features, enhancements, and bug fixes.
What's New
Adversarial Techniques from MITRE EMB3D
The Adversarial Techniques from MITRE EMB3D are now integrated into Vulnerability-Lookup as a new source and are correlated with existing security advisories.
This feature was contributed by Piotr Kaminski during the last Hack.lu hackathon. (#129)
Global CVE Allocation System (GCVE)
GCVE identifiers are now supported in HTML templates and URL parameters,thanks to the GCVE Python client.These identifiers can now be used when disclosing a new vulnerability as part of the Coordinated Vulnerability Disclosure (CVD) process, in alignment with NIS 2 requirements. (8bb3d84, 58c394a)
Trustworthy Level for Members
Members of a Vulnerability-Lookup instance now have a dynamically calculatedtrustworthy level based on profile completeness and verification.Members affiliated with FIRST.org or European CSIRTs (CNW) are automaticallytrusted for operations that would otherwise require administrator approval(e.g., creating comments).
Changes
- New API endpoint for MITRE EMB3D. (c0d6b44)
- Improved the vulnerability disclosure page. (ccfb6b1)
- Added page arguments to the
vulnerability/lastendpoint. (ce75a7a) - Notification emails now include a random signoff. (#119)
- Various graphical enhancements. (0878a31)
Fixes
- Fixed editing of notifications for Organization/Product. (#124)
Changelog
📂 To see the full rundown of the changes, users can visit the changelog on GitHub: https://github.com/vulnerability-lookup/vulnerability-lookup/releases/tag/v2.9.0