jramos/cve-dashboard
1
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects 1 Releases Wiki Activity
42 Commits 7 Branches 0 Tags
0e89251bacd634a712397b0de508a97b95fe15ab
Commit Graph

15 Commits

Author SHA1 Message Date
jramos
0e89251bac Fix: Change X-Frame-Options to SAMEORIGIN to allow PDF iframe embedding 2026-02-13 10:50:37 -07:00
jramos
79a1a23002 Added knowledge base enhancements for documentation viewing and preloaded Ivanti config for next feature 2026-02-13 09:43:09 -07:00
jramos
0d67a99c7e Add weekly vulnerability report upload feature 
Implements a comprehensive system for uploading and processing weekly
vulnerability reports that automatically splits multiple CVE IDs in a
single cell into separate rows for easier filtering and analysis.

Backend Changes:
- Add weekly_reports table with migration
- Create Excel processor helper using Python child_process
- Implement API routes for upload, list, download, delete
- Mount routes in server.js after multer initialization
- Move split_cve_report.py to backend/scripts/

Frontend Changes:
- Add WeeklyReportModal component with phase-based UI
- Add "Weekly Report" button next to NVD Sync
- Integrate modal into App.js with state management
- Display existing reports with current report indicator
- Download buttons for original and processed files

Features:
- Upload .xlsx files (editor/admin only)
- Automatic CVE ID splitting via Python script
- Store metadata in database + files on filesystem
- Auto-archive previous reports (mark one as current)
- Download both original and processed versions
- Audit logging for all operations
- Security: file validation, auth checks, path sanitization

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-11 16:41:39 -07:00
jramos
83d944fa70 Added JIRA ticket tracking feature 
- New jira_tickets table (migration script included)
- CRUD API endpoints for tickets with validation and audit logging
- Dashboard section showing all open vendor tickets
- JIRA tickets section within CVE vendor cards
- Tickets linked to CVE + vendor with status tracking (Open/In Progress/Closed)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-09 11:56:34 -07:00
jramos
26abd55e0f added visual tweaks and document requirements REMOVED 2026-02-02 16:32:44 -07:00
jramos
eae4594baf added email extension to allowed list type 2026-02-02 16:11:43 -07:00
jramos
84803a353e added input validation and security hardening 2026-02-02 14:39:50 -07:00
jramos
d520c4ae41 Added tweaks to allow edits/deletes of cve and vendors or to fix typos 2026-02-02 11:33:44 -07:00
jramos
da109a6f8b Added NVD lookup features and optional NVD API key in .env file 2026-02-02 10:50:38 -07:00
jramos
1a578b23c1 Audit logging feature files 2026-01-29 15:10:29 -07:00
jramos
da14c92d98 added required code changes, components, and packages for login feature 2026-01-28 14:36:33 -07:00
Jordan Ramos
60f0424235 Added .env configuration to remove hardcoded IP issues 2026-01-28 09:23:30 -07:00
jramos
88c33cae04 Fix: Enable multi-vendor support for CVE entries 
- Changed CVEs table constraint from UNIQUE(cve_id) to UNIQUE(cve_id, vendor)
- Added vendor column to documents table for proper file organization
- Updated backend INSERT statements to include vendor field in both CVE and document creation
- Fixed document retrieval to filter by vendor
- Created corrected setup.js that includes multi-vendor support from initial setup
- Added migration scripts for existing databases

Resolves #1: Users can now add the same CVE-ID with multiple different vendors, each maintaining separate document storage organized as CVE-ID/Vendor/files
 2026-01-28 14:49:03 +00:00
root
b9421ea0e9 added stop start files and testing multivendor support 2026-01-27 23:00:12 +00:00
jramos
80f32b0412 Initial commit: CVE Dashboard v1.0 2026-01-27 04:06:03 +00:00