generated content from 2024-10-11

oasis-open · Oct 11, 2024 · 3be4ece · 3be4ece
1 parent 43316cf
commit 3be4ece
Show file tree

Hide file tree

Showing 123 changed files with 2,806 additions and 0 deletions.
diff --git a/mapping.csv b/mapping.csv
@@ -251537,3 +251537,125 @@ vulnerability,CVE-2023-45872,vulnerability--df221b41-ae44-4336-b7ab-d4f30638ebbf
 vulnerability,CVE-2023-37154,vulnerability--666d6a6c-9a1e-4862-81d9-78dbe8f01f66
 vulnerability,CVE-2023-36325,vulnerability--ccdc5430-e653-442e-b446-b1cfb31e97bf
 vulnerability,CVE-2023-46586,vulnerability--de757597-08f6-41bb-8f01-01278e25493c
+vulnerability,CVE-2024-48902,vulnerability--564c0cc9-1387-499d-be85-53c4d7b85e38
+vulnerability,CVE-2024-48949,vulnerability--3fe6847e-308b-4155-be34-7f326d9d1585
+vulnerability,CVE-2024-48957,vulnerability--21bb57d0-bf27-4414-9ea9-73bf976651fd
+vulnerability,CVE-2024-48958,vulnerability--e8442283-a572-463f-aab8-f75c2475e952
+vulnerability,CVE-2024-45149,vulnerability--630d9151-986d-44b6-83d0-f4c7fa84b9ef
+vulnerability,CVE-2024-45127,vulnerability--7f8d875a-c20f-46bd-a6c3-032d83fb02cd
+vulnerability,CVE-2024-45134,vulnerability--19988fe6-cc99-43f1-8cdf-7967c3caef5d
+vulnerability,CVE-2024-45124,vulnerability--2a20c9a7-91ca-497f-9199-3241f92955c2
+vulnerability,CVE-2024-45130,vulnerability--f712a5bc-c410-4362-abaa-2de3190679e9
+vulnerability,CVE-2024-45125,vulnerability--b6f1d86f-ec61-44a1-97bf-72bb6d396239
+vulnerability,CVE-2024-45116,vulnerability--4f4d5f4e-442e-4df4-b9eb-552a18f163a4
+vulnerability,CVE-2024-45117,vulnerability--1f33f2cd-e2e1-4629-aaca-c36525b427e2
+vulnerability,CVE-2024-45132,vulnerability--47b96018-9dc0-447d-8a84-8896743021b5
+vulnerability,CVE-2024-45115,vulnerability--c3ab9ecd-a9b7-48a5-a5c1-5d630905df0e
+vulnerability,CVE-2024-45122,vulnerability--33c3414f-5447-47de-89b3-e12b5c3008de
+vulnerability,CVE-2024-45148,vulnerability--46f4deca-3001-4ece-ad6e-8d1f8ab2e302
+vulnerability,CVE-2024-45128,vulnerability--d271415c-2d12-4024-b44f-e554abd1b363
+vulnerability,CVE-2024-45133,vulnerability--0ccf63d9-9df6-4f9e-83cf-b14a1f45be11
+vulnerability,CVE-2024-45131,vulnerability--dc91940b-ba38-4beb-ab8c-a08e7b9af362
+vulnerability,CVE-2024-45118,vulnerability--ecb54fc5-4f9e-4d73-ace6-bc4d899b5bb6
+vulnerability,CVE-2024-45120,vulnerability--dd9ef3c6-4784-453a-88de-78ee9a6de6a0
+vulnerability,CVE-2024-45119,vulnerability--77939ecd-49ff-4af0-9581-d36e7765e922
+vulnerability,CVE-2024-45123,vulnerability--e571e40e-f472-4bc6-84b2-42bc205ee021
+vulnerability,CVE-2024-45121,vulnerability--69aaf09e-b12b-4bbd-9da1-a7660ded0857
+vulnerability,CVE-2024-45129,vulnerability--3bfbaec8-cbb6-4277-b2e0-4462b990d98d
+vulnerability,CVE-2024-45135,vulnerability--1e44f613-39ff-44ed-a8f7-32ee1c6d7675
+vulnerability,CVE-2024-9794,vulnerability--ea422f2b-9f31-410c-8808-9a6d8400896e
+vulnerability,CVE-2024-9520,vulnerability--b296e57a-aebe-449a-93ec-9b42df6c0d49
+vulnerability,CVE-2024-9804,vulnerability--8a1d585d-ee1e-4079-a276-a769f0dc7802
+vulnerability,CVE-2024-9457,vulnerability--94291c5d-8bed-4f3a-bebf-81b5bdc840e7
+vulnerability,CVE-2024-9074,vulnerability--6d94f2db-5cb4-423c-b764-47439b1688a3
+vulnerability,CVE-2024-9816,vulnerability--dd7e7c15-fa37-4a7c-abc1-aa72e072b76d
+vulnerability,CVE-2024-9814,vulnerability--99ffa287-c7d0-46ae-812d-f73a0a65d02a
+vulnerability,CVE-2024-9180,vulnerability--de9925cf-d237-49e7-9b5f-c990cd4babc9
+vulnerability,CVE-2024-9522,vulnerability--abd7d33c-980f-4305-8076-71e56b353a8f
+vulnerability,CVE-2024-9156,vulnerability--de911bab-f693-4d1b-a9ff-dfb54b58ce3c
+vulnerability,CVE-2024-9312,vulnerability--13941a10-1d4b-46cf-9b27-923cd0d3528d
+vulnerability,CVE-2024-9808,vulnerability--22e3a623-59c8-45ef-aac6-7ad6d60d30a4
+vulnerability,CVE-2024-9067,vulnerability--caa527fb-1854-4b58-b955-c36beffa64ef
+vulnerability,CVE-2024-9793,vulnerability--e3779ca0-ef98-4d58-897f-46abb6bcf32f
+vulnerability,CVE-2024-9066,vulnerability--a4bd9f1e-cb2f-4f14-8ffb-9761591f65cd
+vulnerability,CVE-2024-9785,vulnerability--c10b6eab-69b0-493a-8b2c-2046dc2b5797
+vulnerability,CVE-2024-9780,vulnerability--3bf67cf4-e2ed-46be-8b71-0b34783b4439
+vulnerability,CVE-2024-9596,vulnerability--263e7f49-af5d-4104-8d59-479b20b59b41
+vulnerability,CVE-2024-9581,vulnerability--090319be-4bac-4df5-a5c5-8438a41961fa
+vulnerability,CVE-2024-9781,vulnerability--7c2f6847-22c9-41d6-be40-edede501a164
+vulnerability,CVE-2024-9798,vulnerability--317b401b-7534-4d31-854f-73d8a945ca0a
+vulnerability,CVE-2024-9685,vulnerability--958658a1-70b6-49cc-a182-139f682495a5
+vulnerability,CVE-2024-9788,vulnerability--b291d011-ab34-41e7-9e26-7c7df603f68d
+vulnerability,CVE-2024-9022,vulnerability--194a5e02-1037-4a76-bcfd-7afc39e13d52
+vulnerability,CVE-2024-9812,vulnerability--dc1f9c5b-a4d9-4e50-8d21-06ffa3a629a7
+vulnerability,CVE-2024-9519,vulnerability--64823fe2-9781-4c5c-ba90-43a3ac10f48c
+vulnerability,CVE-2024-9815,vulnerability--86a5c6d9-baec-4622-b026-f9eb185a4cad
+vulnerability,CVE-2024-9786,vulnerability--6811e025-0890-4477-810b-a352ffd601a5
+vulnerability,CVE-2024-9784,vulnerability--7beb75cf-5027-45c1-ad92-c5aefe2918f7
+vulnerability,CVE-2024-9205,vulnerability--0abd9477-1bc4-40bb-858d-4f40094e89d3
+vulnerability,CVE-2024-9809,vulnerability--0e9f8ce6-bb27-46b8-9503-22991f65fc84
+vulnerability,CVE-2024-9805,vulnerability--9f3f7052-14c9-48c7-a660-cdbfd82fe8a3
+vulnerability,CVE-2024-9518,vulnerability--57756ccd-3aec-4cb9-b86c-beed7951046c
+vulnerability,CVE-2024-9796,vulnerability--242bcc95-d302-4477-9236-2960e7bea5ed
+vulnerability,CVE-2024-9065,vulnerability--bde182f8-534f-46e3-83f6-899262bba25c
+vulnerability,CVE-2024-9783,vulnerability--cd0834c7-294f-47d5-adbe-787b923d59a4
+vulnerability,CVE-2024-9487,vulnerability--91bc0540-1516-4f98-b106-f994052f9281
+vulnerability,CVE-2024-9802,vulnerability--f8717102-7f90-4a00-8040-869a89e64ff1
+vulnerability,CVE-2024-9792,vulnerability--f922732d-3340-4f16-b9b8-04062084f3a8
+vulnerability,CVE-2024-9787,vulnerability--a39f7c55-356b-4427-810a-f7810f4340b8
+vulnerability,CVE-2024-9799,vulnerability--8bbd82c9-ad4d-4e9d-bc6b-a153002cf499
+vulnerability,CVE-2024-9810,vulnerability--35f7c804-d401-4252-ac7a-5b7ca766eeba
+vulnerability,CVE-2024-9789,vulnerability--d46cc30a-3099-46d1-9113-172a4743c76b
+vulnerability,CVE-2024-9201,vulnerability--1a44c1f5-b807-4fbb-bb2e-0d78423fb82c
+vulnerability,CVE-2024-9782,vulnerability--e9b9a676-0931-4cbb-b404-8c02db38ac1b
+vulnerability,CVE-2024-9790,vulnerability--488f9341-1cef-4752-a21e-a08cf2a41f86
+vulnerability,CVE-2024-9817,vulnerability--31c7c7ed-df86-4d6a-a7d7-82143b847872
+vulnerability,CVE-2024-9064,vulnerability--ffea44d4-8456-4ab0-80c3-5ad1246e2af9
+vulnerability,CVE-2024-9803,vulnerability--7dc9e28a-f899-4557-b25e-78f6ec98e4f3
+vulnerability,CVE-2024-9797,vulnerability--d8460459-569a-411d-a004-b4aa029c5684
+vulnerability,CVE-2024-9623,vulnerability--4452d646-48ab-4b5d-b872-0ff65424d58c
+vulnerability,CVE-2024-9072,vulnerability--220301e4-5031-4500-ad0f-6eaacd1d2aee
+vulnerability,CVE-2024-9057,vulnerability--2977581b-af2b-4cae-a5cb-06402c43818a
+vulnerability,CVE-2024-9811,vulnerability--ebe735f9-79bc-47f8-8130-8def92239ac0
+vulnerability,CVE-2024-9806,vulnerability--9a2094f3-cbac-4b02-87d0-35b106ea0796
+vulnerability,CVE-2024-9807,vulnerability--1889b192-c4b2-4707-8ffd-b091445f5478
+vulnerability,CVE-2024-9813,vulnerability--c8d8131a-950b-465d-bf60-48c92bcf60c6
+vulnerability,CVE-2024-9818,vulnerability--e0db58be-b746-4920-9e71-0d6a5dd2b4b7
+vulnerability,CVE-2024-9377,vulnerability--6e3da507-27d4-485b-be54-a63191370297
+vulnerability,CVE-2024-47636,vulnerability--7fd6cfee-97f7-4cde-8c83-ebafd1bcf9a3
+vulnerability,CVE-2024-47870,vulnerability--dced5125-da45-49a4-a687-da211219ffe9
+vulnerability,CVE-2024-47962,vulnerability--a028920b-c455-4fef-bee7-4876cfa3fd23
+vulnerability,CVE-2024-47167,vulnerability--2bf3a62c-27ff-4bf5-8a03-1cb222625968
+vulnerability,CVE-2024-47084,vulnerability--71a22ed2-1377-4e5a-94f1-7a86f412db4a
+vulnerability,CVE-2024-47869,vulnerability--ddea1bf1-3ccc-4af5-a38e-ec0106ac6086
+vulnerability,CVE-2024-47867,vulnerability--9813ffc6-5c52-41b4-8675-d05d6310f536
+vulnerability,CVE-2024-47168,vulnerability--573dd0eb-628d-4ee1-a47c-ac56ca5fd7f0
+vulnerability,CVE-2024-47868,vulnerability--dfa21733-7119-4cd8-9298-1b1116850546
+vulnerability,CVE-2024-47966,vulnerability--27bd8da5-89b7-46a1-9779-2c419b9b4ff3
+vulnerability,CVE-2024-47164,vulnerability--10bf3d08-e098-4846-96a1-cfbf4d045484
+vulnerability,CVE-2024-47166,vulnerability--bd61ee97-de4d-467a-bd99-4651d7f2e64b
+vulnerability,CVE-2024-47648,vulnerability--54ae5512-e8f6-4b65-9322-96e79eb11502
+vulnerability,CVE-2024-47872,vulnerability--5ed66275-c1ef-457a-a63a-488ed66226ae
+vulnerability,CVE-2024-47964,vulnerability--2988316c-b051-4e47-860f-04b8bed21cef
+vulnerability,CVE-2024-47354,vulnerability--c007a635-6863-4778-b36f-102a34cc20cd
+vulnerability,CVE-2024-47965,vulnerability--8f0e9de8-7c9e-4954-8793-e6fbe400fe21
+vulnerability,CVE-2024-47165,vulnerability--15110e2c-fe91-4d07-92ed-42a43b418b62
+vulnerability,CVE-2024-47871,vulnerability--f0bd0bb7-8b72-404e-8df2-eae1687c6d91
+vulnerability,CVE-2024-47963,vulnerability--40f0750d-06de-49b0-a748-44215fab8b78
+vulnerability,CVE-2024-7049,vulnerability--89d06ba3-c603-4b96-ad89-9d5e03fba2ed
+vulnerability,CVE-2024-7048,vulnerability--235ac6da-7737-436c-b7a4-4ec64f01e448
+vulnerability,CVE-2024-8977,vulnerability--25a8ab2d-beac-4be5-9a42-332b659f81b8
+vulnerability,CVE-2024-8513,vulnerability--558f5d76-18a6-482e-8b36-5a28c9528e2d
+vulnerability,CVE-2024-8477,vulnerability--2101b3a0-ff9e-4443-9374-d0a0bf18560c
+vulnerability,CVE-2024-8987,vulnerability--93be5f9c-4828-4f5b-a721-d8d510140469
+vulnerability,CVE-2024-8729,vulnerability--c0d5d955-86c4-4e9e-9bf0-8fbcacfbdc24
+vulnerability,CVE-2024-22068,vulnerability--361da62f-f531-4f11-93e1-4fcb9399c86e
+vulnerability,CVE-2024-35202,vulnerability--14fceddf-fa99-4b5e-9081-865d11efb771
+vulnerability,CVE-2024-36917,vulnerability--ea11ec69-737e-4756-870f-1d28d0556c08
+vulnerability,CVE-2024-36936,vulnerability--4ddbbe35-6611-4889-b3ba-ac694f32238b
+vulnerability,CVE-2024-36051,vulnerability--a15a5228-95b2-4717-a36f-9f1605892ea4
+vulnerability,CVE-2024-4658,vulnerability--dcb1e498-66ce-4946-89d5-8e849c96215a
+vulnerability,CVE-2024-6157,vulnerability--30dca618-4397-4e0f-a5d7-d722e596aff0
+vulnerability,CVE-2024-6747,vulnerability--2711ceb8-45b1-4d5e-9448-85f011c09053
+vulnerability,CVE-2024-6530,vulnerability--0c534c58-0e5c-4251-bbb8-b80d9a11634e
+vulnerability,CVE-2023-25581,vulnerability--bf93eb7b-f18f-4fbe-86da-d92b631ec836
diff --git a/objects/vulnerability/vulnerability--090319be-4bac-4df5-a5c5-8438a41961fa.json b/objects/vulnerability/vulnerability--090319be-4bac-4df5-a5c5-8438a41961fa.json
@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--0f29e3cd-c817-440d-aef9-31e6edfcb00d",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--090319be-4bac-4df5-a5c5-8438a41961fa",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-11T00:20:18.442893Z",
+            "modified": "2024-10-11T00:20:18.442893Z",
+            "name": "CVE-2024-9581",
+            "description": "The Shortcodes AnyWhere plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.0.1. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-9581"
+                }
+            ]
+        }
+    ]
+}
diff --git a/objects/vulnerability/vulnerability--0abd9477-1bc4-40bb-858d-4f40094e89d3.json b/objects/vulnerability/vulnerability--0abd9477-1bc4-40bb-858d-4f40094e89d3.json
@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--dd5de4a3-50c3-4295-bb6b-aa1867033f03",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--0abd9477-1bc4-40bb-858d-4f40094e89d3",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-11T00:20:18.464141Z",
+            "modified": "2024-10-11T00:20:18.464141Z",
+            "name": "CVE-2024-9205",
+            "description": "The Maximum Products per User for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 4.2.8. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-9205"
+                }
+            ]
+        }
+    ]
+}
diff --git a/objects/vulnerability/vulnerability--0c534c58-0e5c-4251-bbb8-b80d9a11634e.json b/objects/vulnerability/vulnerability--0c534c58-0e5c-4251-bbb8-b80d9a11634e.json
@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--264eb20b-6112-4915-8a85-fbfcfb2a8924",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--0c534c58-0e5c-4251-bbb8-b80d9a11634e",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-11T00:20:20.458224Z",
+            "modified": "2024-10-11T00:20:20.458224Z",
+            "name": "CVE-2024-6530",
+            "description": "A cross-site scripting issue has been discovered in GitLab affecting all versions starting from 17.1 prior 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2. When adding a authorizing an application, it can be made to render as HTML under specific circumstances.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-6530"
+                }
+            ]
+        }
+    ]
+}
diff --git a/objects/vulnerability/vulnerability--0ccf63d9-9df6-4f9e-83cf-b14a1f45be11.json b/objects/vulnerability/vulnerability--0ccf63d9-9df6-4f9e-83cf-b14a1f45be11.json
@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--287476c4-9a9c-4be3-8004-c0482e22528f",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--0ccf63d9-9df6-4f9e-83cf-b14a1f45be11",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-11T00:20:18.387565Z",
+            "modified": "2024-10-11T00:20:18.387565Z",
+            "name": "CVE-2024-45133",
+            "description": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An admin attacker could leverage this vulnerability to have a low impact on confidentiality which may aid in further attacks. Exploitation of this issue does not require user interaction.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-45133"
+                }
+            ]
+        }
+    ]
+}
diff --git a/objects/vulnerability/vulnerability--0e9f8ce6-bb27-46b8-9503-22991f65fc84.json b/objects/vulnerability/vulnerability--0e9f8ce6-bb27-46b8-9503-22991f65fc84.json
@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--5e2eab25-472e-4b23-bf45-8ef73d8d7f6d",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--0e9f8ce6-bb27-46b8-9503-22991f65fc84",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-11T00:20:18.465137Z",
+            "modified": "2024-10-11T00:20:18.465137Z",
+            "name": "CVE-2024-9809",
+            "description": "A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as critical. Affected by this vulnerability is the function delete_product of the file /classes/Master.php?f=delete_product. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-9809"
+                }
+            ]
+        }
+    ]
+}
diff --git a/objects/vulnerability/vulnerability--10bf3d08-e098-4846-96a1-cfbf4d045484.json b/objects/vulnerability/vulnerability--10bf3d08-e098-4846-96a1-cfbf4d045484.json
@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--dc2e5dd5-f603-4f76-b2f6-38944a5098cc",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--10bf3d08-e098-4846-96a1-cfbf4d045484",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-11T00:20:18.605415Z",
+            "modified": "2024-10-11T00:20:18.605415Z",
+            "name": "CVE-2024-47164",
+            "description": "Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to the **bypass of directory traversal checks** within the `is_in_or_equal` function. This function, intended to check if a file resides within a given directory, can be bypassed with certain payloads that manipulate file paths using `..` (parent directory) sequences. Attackers could potentially access restricted files if they are able to exploit this flaw, although the difficulty is high. This primarily impacts users relying on Gradio’s blocklist or directory access validation, particularly when handling file uploads. Users are advised to upgrade to `gradio>=5.0` to address this issue. As a workaround, users can manually sanitize and normalize file paths in their Gradio deployment before passing them to the `is_in_or_equal` function. Ensuring that all file paths are properly resolved and absolute can help mitigate the bypass vulnerabilities caused by the improper handling of `..` sequences or malformed paths.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-47164"
+                }
+            ]
+        }
+    ]
+}
diff --git a/objects/vulnerability/vulnerability--13941a10-1d4b-46cf-9b27-923cd0d3528d.json b/objects/vulnerability/vulnerability--13941a10-1d4b-46cf-9b27-923cd0d3528d.json
@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--21b45ed3-a387-449d-ae3c-1c295d0884bb",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--13941a10-1d4b-46cf-9b27-923cd0d3528d",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-11T00:20:18.426731Z",
+            "modified": "2024-10-11T00:20:18.426731Z",
+            "name": "CVE-2024-9312",
+            "description": "Authd, through version 0.3.6, did not sufficiently randomize user IDs to prevent collisions. A local attacker who can register user names could spoof another user's ID and gain their privileges.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-9312"
+                }
+            ]
+        }
+    ]
+}
diff --git a/objects/vulnerability/vulnerability--14fceddf-fa99-4b5e-9081-865d11efb771.json b/objects/vulnerability/vulnerability--14fceddf-fa99-4b5e-9081-865d11efb771.json
@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--319e06e4-7a6c-4dd5-8494-f587ed5e5e31",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--14fceddf-fa99-4b5e-9081-865d11efb771",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-11T00:20:19.563673Z",
+            "modified": "2024-10-11T00:20:19.563673Z",
+            "name": "CVE-2024-35202",
+            "description": "Bitcoin Core before 25.0 allows remote attackers to cause a denial of service (blocktxn message-handling assertion and node exit) by including transactions in a blocktxn message that are not committed to in a block's merkle root. FillBlock can be called twice for one PartiallyDownloadedBlock instance.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-35202"
+                }
+            ]
+        }
+    ]
+}