@MaineK00n MaineK00n commented Nov 29, 2025

What did you implement:

support EUVD

Type of change

  • New feature (non-breaking change which adds functionality)

How Has This Been Tested?

$ go-cve-dictionary fetch nvd 2025
$ go-cve-dictionary fetch euvd 2025

$ cat << EOS > config.toml
version = "v2"

[cveDict]
type = "sqlite3"

[ovalDict]
type = "sqlite3"

[gost]
type = "sqlite3"

[exploit]
type = "sqlite3"

[metasploit]
type = "sqlite3"

[kevuln]
type = "sqlite3"

[cti]
type = "sqlite3"

[vuls2]
repository = "ghcr.io/vulsio/vuls-nightly-db:0"

[default]
[servers]
[servers.pseudo]
type = "pseudo"
cpeNames = [
    "cpe:2.3:a:starcitizen.tools:citizen:3.3.0:*:*:*:*:*:*:*",
]
EOS

$ vuls scan
$ vuls report
...
[Dec  4 02:19:38]  INFO [localhost] pseudo type. Skip OVAL, gost and vuls2 detection
[Dec  4 02:19:39]  INFO [localhost] pseudo: 7 CVEs are detected with CPE
[Dec  4 02:19:40]  INFO [localhost] pseudo: 0 PoC are detected
[Dec  4 02:19:40]  INFO [localhost] pseudo: 0 exploits are detected
[Dec  4 02:19:40]  INFO [localhost] pseudo: Known Exploited Vulnerabilities are detected for 0 CVEs
[Dec  4 02:19:40]  INFO [localhost] pseudo: Cyber Threat Intelligences are detected for 0 CVEs
[Dec  4 02:19:40]  INFO [localhost] pseudo: total 7 CVEs detected
[Dec  4 02:19:40]  INFO [localhost] pseudo: 0 CVEs filtered by --confidence-over=80
pseudo (pseudo)
===============
Total: 7 (Critical:0 High:2 Medium:5 Low:0 ?:0)
0/0 Fixed, 7 poc, 0 exploits, 0 kevs, uscert: 0, jpcert: 0 alerts
0 installed

+----------------+------+--------+-----+-----+-------+-------+----------------------------------------+
|     CVE-ID     | CVSS | Attack | PoC | KEV | Alert | Fixed |                Packages                |
+----------------+------+--------+-----+-----+-------+-------+----------------------------------------+
| CVE-2025-53368 | 8.6  | AV:N   | POC |     |       |       | cpe:/a:starcitizen.tools:citizen:3.3.0 |
+----------------+------+--------+-----+-----+-------+-------+----------------------------------------+
| CVE-2025-53370 | 8.6  | AV:N   | POC |     |       |       | cpe:/a:starcitizen.tools:citizen:3.3.0 |
+----------------+------+--------+-----+-----+-------+-------+----------------------------------------+
| CVE-2025-49575 | 6.5  | AV:N   | POC |     |       |       | cpe:/a:starcitizen.tools:citizen:3.3.0 |
+----------------+------+--------+-----+-----+-------+-------+----------------------------------------+
| CVE-2025-49576 | 6.5  | AV:N   | POC |     |       |       | cpe:/a:starcitizen.tools:citizen:3.3.0 |
+----------------+------+--------+-----+-----+-------+-------+----------------------------------------+
| CVE-2025-49577 | 6.5  | AV:N   | POC |     |       |       | cpe:/a:starcitizen.tools:citizen:3.3.0 |
+----------------+------+--------+-----+-----+-------+-------+----------------------------------------+
| CVE-2025-49578 | 6.5  | AV:N   | POC |     |       |       | cpe:/a:starcitizen.tools:citizen:3.3.0 |
+----------------+------+--------+-----+-----+-------+-------+----------------------------------------+
| CVE-2025-49579 | 6.5  | AV:N   | POC |     |       |       | cpe:/a:starcitizen.tools:citizen:3.3.0 |
+----------------+------+--------+-----+-----+-------+-------+----------------------------------------+

$ jq -r '.scannedCves."CVE-2025-49575"' results/2025-12-04T02-19-30+0900/pseudo.json
{
  "cveID": "CVE-2025-49575",
  "confidences": [
    {
      "score": 100,
      "detectionMethod": "NvdExactVersionMatch"
    }
  ],
  "cveContents": {
    "euvd": [
      {
        "type": "euvd",
        "cveID": "CVE-2025-49575",
        "title": "EUVD-2025-18208",
        "summary": "Citizen skin vulnerable to stored XSS through multiple system messages",
        "cvss2Score": 0,
        "cvss2Vector": "",
        "cvss2Severity": "",
        "cvss3Score": 6.5,
        "cvss3Vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
        "cvss3Severity": "MEDIUM",
        "cvss40Score": 0,
        "cvss40Vector": "",
        "cvss40Severity": "",
        "sourceLink": "https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-18208",
        "references": [
          {
            "link": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/4fa69e1d062dca7e407cc0530cf1da3e2baaf0b5"
          },
          {
            "link": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/54c8717d45ce1594918f11cb9ce5d0ccd8dfee65"
          },
          {
            "link": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/93c36ac778397e0e7c46cf7adb1e5d848265f1bd"
          },
          {
            "link": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-4c2h-67qq-vm87"
          },
          {
            "link": "https://nvd.nist.gov/vuln/detail/CVE-2025-49575"
          }
        ],
        "published": "2025-06-11T19:59:54Z",
        "lastModified": "2025-06-13T03:43:58Z"
      },
      {
        "type": "euvd",
        "cveID": "CVE-2025-49575",
        "title": "EUVD-2025-18144",
        "summary": "Citizen skin vulnerable to stored XSS through multiple system messages",
        "cvss2Score": 0,
        "cvss2Vector": "",
        "cvss2Severity": "",
        "cvss3Score": 0,
        "cvss3Vector": "",
        "cvss3Severity": "",
        "cvss40Score": 0,
        "cvss40Vector": "",
        "cvss40Severity": "",
        "sourceLink": "https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-18144",
        "references": [
          {
            "link": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen"
          },
          {
            "link": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/4fa69e1d062dca7e407cc0530cf1da3e2baaf0b5"
          },
          {
            "link": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/54c8717d45ce1594918f11cb9ce5d0ccd8dfee65"
          },
          {
            "link": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/93c36ac778397e0e7c46cf7adb1e5d848265f1bd"
          },
          {
            "link": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-4c2h-67qq-vm87"
          },
          {
            "link": "https://nvd.nist.gov/vuln/detail/CVE-2025-49575"
          }
        ],
        "published": "2025-06-11T19:59:54Z",
        "lastModified": "2025-06-13T03:43:58Z"
      }
    ],
    "nvd": [
      {
        "type": "nvd",
        "cveID": "CVE-2025-49575",
        "title": "",
        "summary": "Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Multiple system messages are inserted into the CommandPaletteFooter as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the `editinterface` but not the `editsitejs` user right. This vulnerability is fixed in 3.3.1.\nCitizen es una interfaz de MediaWiki que integra las extensiones en la experiencia cohesiva. Se insertan múltiples mensajes del sistema en CommandPaletteFooter como HTML sin formato, lo que permite que cualquiera que pueda editarlos inserte HTML arbitrario en el DOM. Esto afecta a las wikis donde un grupo tiene el permiso de usuario `editinterface` pero no el de `editsitejs`. Esta vulnerabilidad se corrigió en la versión 3.3.1.",
        "cvss2Score": 0,
        "cvss2Vector": "",
        "cvss2Severity": "",
        "cvss3Score": 6.5,
        "cvss3Vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
        "cvss3Severity": "MEDIUM",
        "cvss40Score": 0,
        "cvss40Vector": "",
        "cvss40Severity": "",
        "sourceLink": "https://nvd.nist.gov/vuln/detail/CVE-2025-49575",
        "references": [
          {
            "link": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/4fa69e1d062dca7e407cc0530cf1da3e2baaf0b5",
            "source": "[email protected]",
            "tags": [
              "Patch"
            ]
          },
          {
            "link": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/93c36ac778397e0e7c46cf7adb1e5d848265f1bd",
            "source": "[email protected]",
            "tags": [
              "Patch"
            ]
          },
          {
            "link": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-4c2h-67qq-vm87",
            "source": "[email protected]",
            "tags": [
              "Exploit",
              "Vendor Advisory"
            ]
          }
        ],
        "cweIDs": [
          "CWE-79"
        ],
        "published": "2025-06-12T19:15:20.16Z",
        "lastModified": "2025-08-22T18:59:49.71Z",
        "optional": {
          "source": "[email protected]"
        }
      },
      {
        "type": "nvd",
        "cveID": "CVE-2025-49575",
        "title": "",
        "summary": "Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Multiple system messages are inserted into the CommandPaletteFooter as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the `editinterface` but not the `editsitejs` user right. This vulnerability is fixed in 3.3.1.\nCitizen es una interfaz de MediaWiki que integra las extensiones en la experiencia cohesiva. Se insertan múltiples mensajes del sistema en CommandPaletteFooter como HTML sin formato, lo que permite que cualquiera que pueda editarlos inserte HTML arbitrario en el DOM. Esto afecta a las wikis donde un grupo tiene el permiso de usuario `editinterface` pero no el de `editsitejs`. Esta vulnerabilidad se corrigió en la versión 3.3.1.",
        "cvss2Score": 0,
        "cvss2Vector": "",
        "cvss2Severity": "",
        "cvss3Score": 5.4,
        "cvss3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
        "cvss3Severity": "MEDIUM",
        "cvss40Score": 0,
        "cvss40Vector": "",
        "cvss40Severity": "",
        "sourceLink": "https://nvd.nist.gov/vuln/detail/CVE-2025-49575",
        "references": [
          {
            "link": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/4fa69e1d062dca7e407cc0530cf1da3e2baaf0b5",
            "source": "[email protected]",
            "tags": [
              "Patch"
            ]
          },
          {
            "link": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/93c36ac778397e0e7c46cf7adb1e5d848265f1bd",
            "source": "[email protected]",
            "tags": [
              "Patch"
            ]
          },
          {
            "link": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-4c2h-67qq-vm87",
            "source": "[email protected]",
            "tags": [
              "Exploit",
              "Vendor Advisory"
            ]
          }
        ],
        "published": "2025-06-12T19:15:20.16Z",
        "lastModified": "2025-08-22T18:59:49.71Z",
        "optional": {
          "source": "[email protected]"
        }
      }
    ]
  },
  "exploits": [
    {
      "exploitType": "nvd",
      "id": "",
      "url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-4c2h-67qq-vm87",
      "description": ""
    }
  ],
  "alertDict": {
    "cisa": null,
    "jpcert": null,
    "uscert": null
  },
  "cpeURIs": [
    "cpe:/a:starcitizen.tools:citizen:3.3.0"
  ]
}

Checklist:

You don't have to satisfy all of the following.

  • Write tests
  • Write documentation
  • Check that there aren't other open pull requests for the same issue/feature
  • Format your source code by make fmt
  • Pass the test by make test
  • Provide verification config / commands
  • Enable "Allow edits from maintainers" for this PR
  • Update the messages below

Is this ready for review?: YES

Reference

@MaineK00n MaineK00n self-assigned this Nov 29, 2025
@MaineK00n MaineK00n marked this pull request as ready for review December 3, 2025 17:23
@MaineK00n MaineK00n requested a review from shino December 3, 2025 17:30