Vulnerability-Lookup 2.1.0 released

We’re thrilled to announce the release of version 2.1.0 of the Vulnerability-Lookup project! This update introduces new features primarily focused on vulnerability sightings, improvements and fixes.

News

• A new API endpoint allows sightings to be created programmatically. Using dedicated tools, we gather observations from three main sources:
  • The Fediverse with FediVuln, a client to collect vulnerability-related information from the Fediverse
  • MISP with VulnerabilityLookupSighting, a client that retrieves vulnerability observations from a MISP server and pushes them to a Vulnerability Lookup instance
  • RSS and Atom feeds
• Combined sightings for bundles: The page displaying bundle details now shows the combined sightings for all vulnerabilities within the bundle (48610fc)
• New RSS/Atom endpoints for sightings have been added, allowing parameters such as the sighting source to be used and the id of a vulnerability. This enables users to subscribe to activity on unpublished vulnerabilities. (6020294)
• Provide the possibility to comment not yet published vulnerabilities (f88f239)

Changes

• Make drawBarChartHomePage faster (fa95945)
• Added a function in order to provide a small description about the vulnerabilities listed in the bundle page (8f04be1)
• Various enhancements to the home page and the charts based on user sightings
• Improved the API and the OpenAPI Swagger documentation
• Various improvements were made to the user interface

Fixes

• Fixed an issue in the Marshalling for the Sightings in the API (5ccdbe2)
• Fixed the title of the RSS/Atom feed (311d2c4)
• Keep non-sensitive case search even if our ids are lowercase. (9fae6ea)