Vulnerability-Lookup 2.2.0

We’re delighted to announce the release of Vulnerability-Lookup 2.2.0, packed with enhancements, new features, and bug fixes.

What's New

• Identity:

  • Vulnerability-Lookup now has a beautiful new logo.

• New Statistics Namespace: The API now offers a dedicated namespace for statistics. Two new endpoints are currently available:

  • /api/stats/vulnerability/most_sighted
  • /api/stats/vulnerability/most_commented Both endpoints provide the option to return results in a Markdown table format. (7a2b8ed, d95b49c)

  You can use the API output directly to generate PDF reports:

  $ curl -s -X 'GET' 'https://vulnerability.circl.lu/api/stats/vulnerability/most_sighted?date_from=2024-07-01&output=markdown' | pandoc --from=markdown --to=pdf -o semestrial-report.pdf
  

• New Client for KEV Sightings: A new Python client, KevSight, is available to generate sightings for Vulnerability-Lookup using the Known Exploited Vulnerabilities (KEV) catalog. For more details, refer to the Vulnerability-Lookup documentation on sightings automation and the available clients.

Changes

• API Enhancements:

  • Numerous improvements and harmonization across the API while maintaining compatibility with previous versions. PyVulVulnerabilityLookup has been updated. (f9a03fb, 79cc46d)

• Improved Views:

  • /recent: Enhanced for greater consistency and readability.
  • /vuln: Improved display for vulnerabilities from the CVE List v5 and NVD sources. The versions of the impacted products is now displayed in a third column. (9308772, 5f9826a, f71da45, 54ad96e, e8ae16e)
  • We have enhanced the layout and accessibility of various views as part of our ongoing commitment to creating software that is inclusive and usable for everyone.

• Documentation:

  • The documentation is now exposed by a dedicated Flask Blueprint which is serving static HTML files generated with Sphinx. Updating the documentation is possible via a simple button in the dashboard of Vulnerability-Lookup. (e27ac9f, 6f38ccf)

• Backend:

  • Harmonization of datetime objects by ensuring that all dates use UTC-aware timestamps (8ea2554, a4defc2)
  • Gunicorn is now by default using Gevent (c79f997)

Fixes

• Date Parameters in API:

  • The date_from and date_to parameters in the API no longer have default values. It is now the client’s responsibility to specify these values. (036ca3a)

• CVE Lookup Endpoint:

  • We fixed the API endpoint for searching CVEs by vendor and product. (0867fac)

Funding

The NGSOTI project is dedicated to training the next generation of Security Operation Center (SOC) operators, focusing on the human aspect of cybersecurity. It underscores the significance of providing SOC operators with the necessary skills and open-source tools to address challenges such as detection engineering, incident response, and threat intelligence analysis. Involving key partners such as CIRCL, Restena, Tenzir, and the University of Luxembourg, the project aims to establish a real operational infrastructure for practical training. This initiative integrates academic curricula with industry insights, offering hands-on experience in cyber ranges.

vulnerability-lookup is co-funded by CIRCL and by the European Union. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or ECCC. Neither the European Union nor the granting authority can be held responsible for them.