chg: [documentation] Updated documentation related to the RSS/Atom fe…

…eds.
vulnerability-lookup · Dec 22, 2024 · b7885fd · b7885fd
1 parent 18eda74
commit b7885fd
Show file tree

Hide file tree

Showing 6 changed files with 77 additions and 9 deletions.
diff --git a/static/documentation/_sources/architecture.rst b/static/documentation/_sources/architecture.rst
@@ -21,6 +21,9 @@ This allows for seamless integration with services like:
 - Apache Solr, for example, to index all JSON files efficiently
 - email notification system
 
+It is also possible to activate an authenticated HTTP event-stream subscribe service.
+
+
 Interface
 ---------
 

diff --git a/static/documentation/_sources/feeds.rst b/static/documentation/_sources/feeds.rst
@@ -5,28 +5,45 @@ Available feeds
 ---------------
 
 .. list-table:: Available feeds
-   :widths: 25 25 50
+   :widths: 25 25 25 25
    :header-rows: 1
 
    * - Endpoint
      - Methods
      - Rule
+     - Comment
 
    * - bundles_bp.feed_bundles
      - GET
      - /bundles/feed.<string:format>[?user=<login>]
+     - Recent bundles.
 
    * - comments_bp.feed_comments
      - GET
      - /comments/feed.<string:format>[?user=<login>]
+     - Recent comments.
 
    * - user_bp.feed_activity
      - GET
      - /user/<string:login>.<string:format>
+     - User activity.
 
    * - home_bp.feed_recent
      - GET
-     - /recent/<string:source>.<string:format>[?vulnerability=<vuln-id>]
+     - /recent/<string:source>.<string:format>[?vulnerability=<vuln-id>][?vendor=<vendor-id>]
+     - Rencent vulnerabilities per source or for all sources.
+       Argument ``vulnerability`` is used for the feed of linked vulnerabilities.
+       Argument ``vendor`` is used to generate a feed of vulnerabilities dedicated a specific vendor.
+
+   * - sightings_bp.feed_sightings
+     - GET
+     - /sightings/feed.<string:format>
+     - Recent sightings.
+
+   * - sightings_bp.feed_cpe_search
+     - GET
+     - /sightings/cpesearch/<string:cpe>/feed.<string:format>
+     - Recent sightings for a CPE.
 
 
 The value of ``format`` can be ``rss`` or ``atom``.
@@ -47,6 +64,8 @@ The value of ``source`` can be one of the following:
 "csaf_sick",
 "csaf_nozominetworks",
 "csaf_ox",
+"jvndb",
+"tailscale",
 "variot".
 
 
@@ -141,4 +160,19 @@ Subscribing to the activity related to a vulnerability
 
 The request will return recent observations (sightings) related to a vuln.
 
+.. code-block:: bash
+
     $ curl 'https://vulnerability.circl.lu/sightings/feed.atom?vulnerability=CVE-2024-0012'
+
+
+
+Recent sightings related to a product
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+.. code-block:: bash
+
+        $ curl 'https://vulnerability.circl.lu/sightings/cpesearch/cpe:2.3:a:fortinet:forticlient_enterprise_management_server:*:*:*:*:*:*:*:*/feed.atom'
+
+
+This will return recent sightings related to all CVEs for the specified product (identified by its CPE identifier).
+Sightings are based on information from various trusted sources, including security websites, Exploit-DB.com, GitHub repositories, security blogs, social networks, and MISP.
diff --git a/static/documentation/_static/img/vulnerability-lookup.excalidraw b/static/documentation/_static/img/vulnerability-lookup.excalidraw
@@ -12214,4 +12214,4 @@
       "lastRetrieved": 1733740163536
     }
   }
-}
+}
diff --git a/static/documentation/architecture.html b/static/documentation/architecture.html
@@ -410,6 +410,7 @@ <h2>Backend<a class="headerlink" href="#backend" title="Link to this heading">#<
 <li><p>Apache Solr, for example, to index all JSON files efficiently</p></li>
 <li><p>email notification system</p></li>
 </ul>
+<p>It is also possible to activate an authenticated HTTP event-stream subscribe service.</p>
 </section>
 <section id="interface">
 <h2>Interface<a class="headerlink" href="#interface" title="Link to this heading">#</a></h2>

diff --git a/static/documentation/feeds.html b/static/documentation/feeds.html
@@ -384,6 +384,7 @@ <h2> Contents </h2>
 <li class="toc-h3 nav-item toc-entry"><a class="reference internal nav-link" href="#recent-vulnerabilities-related-to-a-vendor">Recent vulnerabilities related to a vendor</a></li>
 <li class="toc-h3 nav-item toc-entry"><a class="reference internal nav-link" href="#recent-vulnerabilities-linked-to-the-specified-vulnerability">Recent vulnerabilities linked to the specified vulnerability</a></li>
 <li class="toc-h3 nav-item toc-entry"><a class="reference internal nav-link" href="#subscribing-to-the-activity-related-to-a-vulnerability">Subscribing to the activity related to a vulnerability</a></li>
+<li class="toc-h3 nav-item toc-entry"><a class="reference internal nav-link" href="#recent-sightings-related-to-a-product">Recent sightings related to a product</a></li>
 </ul>
 </li>
 </ul>
@@ -406,30 +407,48 @@ <h2>Available feeds<a class="headerlink" href="#available-feeds" title="Link to
 <colgroup>
 <col style="width: 25.0%" />
 <col style="width: 25.0%" />
-<col style="width: 50.0%" />
+<col style="width: 25.0%" />
+<col style="width: 25.0%" />
 </colgroup>
 <thead>
 <tr class="row-odd"><th class="head"><p>Endpoint</p></th>
 <th class="head"><p>Methods</p></th>
 <th class="head"><p>Rule</p></th>
+<th class="head"><p>Comment</p></th>
 </tr>
 </thead>
 <tbody>
 <tr class="row-even"><td><p>bundles_bp.feed_bundles</p></td>
 <td><p>GET</p></td>
 <td><p>/bundles/feed.&lt;string:format&gt;[?user=&lt;login&gt;]</p></td>
+<td><p>Recent bundles.</p></td>
 </tr>
 <tr class="row-odd"><td><p>comments_bp.feed_comments</p></td>
 <td><p>GET</p></td>
 <td><p>/comments/feed.&lt;string:format&gt;[?user=&lt;login&gt;]</p></td>
+<td><p>Recent comments.</p></td>
 </tr>
 <tr class="row-even"><td><p>user_bp.feed_activity</p></td>
 <td><p>GET</p></td>
 <td><p>/user/&lt;string:login&gt;.&lt;string:format&gt;</p></td>
+<td><p>User activity.</p></td>
 </tr>
 <tr class="row-odd"><td><p>home_bp.feed_recent</p></td>
 <td><p>GET</p></td>
-<td><p>/recent/&lt;string:source&gt;.&lt;string:format&gt;[?vulnerability=&lt;vuln-id&gt;]</p></td>
+<td><p>/recent/&lt;string:source&gt;.&lt;string:format&gt;[?vulnerability=&lt;vuln-id&gt;][?vendor=&lt;vendor-id&gt;]</p></td>
+<td><p>Rencent vulnerabilities per source or for all sources.
+Argument <code class="docutils literal notranslate"><span class="pre">vulnerability</span></code> is used for the feed of linked vulnerabilities.
+Argument <code class="docutils literal notranslate"><span class="pre">vendor</span></code> is used to generate a feed of vulnerabilities dedicated a specific vendor.</p></td>
+</tr>
+<tr class="row-even"><td><p>sightings_bp.feed_sightings</p></td>
+<td><p>GET</p></td>
+<td><p>/sightings/feed.&lt;string:format&gt;</p></td>
+<td><p>Recent sightings.</p></td>
+</tr>
+<tr class="row-odd"><td><p>sightings_bp.feed_cpe_search</p></td>
+<td><p>GET</p></td>
+<td><p>/sightings/cpesearch/&lt;string:cpe&gt;/feed.&lt;string:format&gt;</p></td>
+<td><p>Recent sightings for a CPE.</p></td>
 </tr>
 </tbody>
 </table>
@@ -451,6 +470,8 @@ <h2>Available feeds<a class="headerlink" href="#available-feeds" title="Link to
 “csaf_sick”,
 “csaf_nozominetworks”,
 “csaf_ox”,
+“jvndb”,
+“tailscale”,
 “variot”.</p>
 </section>
 <section id="examples">
@@ -532,9 +553,17 @@ <h3>Recent vulnerabilities linked to the specified vulnerability<a class="header
 <section id="subscribing-to-the-activity-related-to-a-vulnerability">
 <h3>Subscribing to the activity related to a vulnerability<a class="headerlink" href="#subscribing-to-the-activity-related-to-a-vulnerability" title="Link to this heading">#</a></h3>
 <p>The request will return recent observations (sightings) related to a vuln.</p>
-<blockquote>
-<div><p>$ curl ‘<a class="reference external" href="https://vulnerability.circl.lu/sightings/feed.atom?vulnerability=CVE-2024-0012">https://vulnerability.circl.lu/sightings/feed.atom?vulnerability=CVE-2024-0012</a>’</p>
-</div></blockquote>
+<div class="highlight-bash notranslate"><div class="highlight"><pre><span></span>$<span class="w"> </span>curl<span class="w"> </span><span class="s1">&#39;https://vulnerability.circl.lu/sightings/feed.atom?vulnerability=CVE-2024-0012&#39;</span>
+</pre></div>
+</div>
+</section>
+<section id="recent-sightings-related-to-a-product">
+<h3>Recent sightings related to a product<a class="headerlink" href="#recent-sightings-related-to-a-product" title="Link to this heading">#</a></h3>
+<div class="highlight-bash notranslate"><div class="highlight"><pre><span></span>$<span class="w"> </span>curl<span class="w"> </span><span class="s1">&#39;https://vulnerability.circl.lu/sightings/cpesearch/cpe:2.3:a:fortinet:forticlient_enterprise_management_server:*:*:*:*:*:*:*:*/feed.atom&#39;</span>
+</pre></div>
+</div>
+<p>This will return recent sightings related to all CVEs for the specified product (identified by its CPE identifier).
+Sightings are based on information from various trusted sources, including security websites, Exploit-DB.com, GitHub repositories, security blogs, social networks, and MISP.</p>
 </section>
 </section>
 </section>
@@ -592,6 +621,7 @@ <h3>Subscribing to the activity related to a vulnerability<a class="headerlink"
 <li class="toc-h3 nav-item toc-entry"><a class="reference internal nav-link" href="#recent-vulnerabilities-related-to-a-vendor">Recent vulnerabilities related to a vendor</a></li>
 <li class="toc-h3 nav-item toc-entry"><a class="reference internal nav-link" href="#recent-vulnerabilities-linked-to-the-specified-vulnerability">Recent vulnerabilities linked to the specified vulnerability</a></li>
 <li class="toc-h3 nav-item toc-entry"><a class="reference internal nav-link" href="#subscribing-to-the-activity-related-to-a-vulnerability">Subscribing to the activity related to a vulnerability</a></li>
+<li class="toc-h3 nav-item toc-entry"><a class="reference internal nav-link" href="#recent-sightings-related-to-a-product">Recent sightings related to a product</a></li>
 </ul>
 </li>
 </ul>

diff --git a/static/documentation/searchindex.js b/static/documentation/searchindex.js
-Original file line number
+Diff line change
@@ Expand Up / @@ -12214,4 +12214,4 @@ @@
           "lastRetrieved": 1733740163536
         }
       }
-    }
+    }