Vulnerability-Lookup 2.21.0 released

We’re delighted to announce the release of Vulnerability-Lookup 2.21.0. This release brings several important improvements focused on search, data ingestion, and usability.

What’s New

Product-level indexing & search API

Making it easier to explore vulnerabilities from a product-centric angle, without specifying a vendor name. (f906064)

Product search - example 1

Product search - example 2

New CSAF feeder for Schneider Electric

We have recently added a new CSAF feed for Schneider Electric. (e43fa03)

CSAF feeder for Schneider Electric

More flexible user registration configuration

New options to customize signup/about pages and restrict accepted email domains. (3855838, bfc82cf)

Improved notifications & UI refinements

Clearer emails, better metadata, and cleaner templates.

Email notifcation

Ghost CVE

We now use the term Ghost CVE to refer to vulnerabilities observed in the wild via sightings that do not yet have a public CVE record.

Ghost CVE

Changes

A number of fixes and technical improvements are also included.

  • chg: [notifications] Added the publication date in email notifications and a special icon for new vulnerabilities. Closes #299. 64bc631
  • chg: [dependencies] Updated Python and dev/docs dependencies. 510233c b08c381
  • chg: [config] Updated default value for ACCEPTED_DOMAINS_FOR_REGISTRATION. 6563f8a
  • chg: [templates] Simplified titles for vuln and sightings pages; added Open Graph meta tag. 19c9a69 27eb6bf
  • chg: [documentation] Updated installation instructions. 152212d

Fixes

  • fix: [api] Preserve typing for flask-restx decorators (mypy). f5f31c5
  • fix(cvss): Safely handle CVSS 4.0 vectors in Jinja filters. Closes #305. 5a303bb
  • fix: [templates] Fix Bootstrap switch click handling (moved popover to help icon). Closes #303. 19a8c54
  • fix: [bin] Corrected the script name for the CSAF Schneider Electric importer. 1386a76
  • fix: [templates] Fixed an issue with batch deletion of users. 839345b
  • fix: [templates] Fixed a tag id in vulnerability_templates.html. bc0d329

Changelog

For the full list of changes, check the GitHub release:
v2.21.0 Release Notes

Thank you to all our contributors and testers!

The new contributor of this release is Thai Nguyen.

Feedback and Support

If you encounter any issues or have suggestions, please open a ticket on our GitHub repository:
GitHub Issues

Follow Us on the Fediverse

Stay updated on security advisories in real-time by following us on Mastodon:
@vulnerability_lookup