generated content from 2024-10-12

mapping.csv

@@ -251659,3 +251659,135 @@ vulnerability,CVE-2024-6157,vulnerability--30dca618-4397-4e0f-a5d7-d722e596aff0
 vulnerability,CVE-2024-6747,vulnerability--2711ceb8-45b1-4d5e-9448-85f011c09053
 vulnerability,CVE-2024-6530,vulnerability--0c534c58-0e5c-4251-bbb8-b80d9a11634e
 vulnerability,CVE-2023-25581,vulnerability--bf93eb7b-f18f-4fbe-86da-d92b631ec836
+vulnerability,CVE-2024-48768,vulnerability--945d535a-3263-4721-8f40-072beff3a756
+vulnerability,CVE-2024-48787,vulnerability--00e9e4c3-2808-4cb1-9d20-e0ca4c4cff0d
+vulnerability,CVE-2024-48938,vulnerability--a784abb2-950e-4dd9-a5db-af8ccc4f559c
+vulnerability,CVE-2024-48770,vulnerability--a67b4faa-2200-4bd9-ae91-93762089aa86
+vulnerability,CVE-2024-48813,vulnerability--405a7ba3-9ada-4073-9b52-d65d41ffeb16
+vulnerability,CVE-2024-48774,vulnerability--f3275aae-5d5d-455e-9e16-21aedefccc6a
+vulnerability,CVE-2024-48786,vulnerability--338b0b30-332d-4fb2-9317-9e46faeb216e
+vulnerability,CVE-2024-48777,vulnerability--dd12de34-308e-4d4a-9728-969a33b2245a
+vulnerability,CVE-2024-48784,vulnerability--740a70f6-c071-4e05-a212-bb839324a9a0
+vulnerability,CVE-2024-48041,vulnerability--ec1afe91-ef94-4f96-8d7c-f6c2005d0a51
+vulnerability,CVE-2024-48771,vulnerability--40ff6a8e-8bd6-48c6-9c2e-8d17929a50bc
+vulnerability,CVE-2024-48772,vulnerability--a4455976-74bb-4372-8d4f-bf9a97e626c9
+vulnerability,CVE-2024-48775,vulnerability--b1dfa6ec-e54f-481e-8242-5d7652b269ac
+vulnerability,CVE-2024-48776,vulnerability--e57cd6ee-b40b-44a5-8094-e62c6802b12a
+vulnerability,CVE-2024-48040,vulnerability--71e6d110-37b1-49cd-b2c2-3520e1fbde4b
+vulnerability,CVE-2024-48773,vulnerability--e7391083-a9fa-4438-8316-5c9385b387f3
+vulnerability,CVE-2024-48937,vulnerability--6f05fbe6-7ec5-4b0e-8826-877439b56cc4
+vulnerability,CVE-2024-48778,vulnerability--7e61d5a8-3ebf-45fa-bf64-7239240a0caa
+vulnerability,CVE-2024-48987,vulnerability--db1cd013-b21c-4bc4-b649-ed066fd6f2b4
+vulnerability,CVE-2024-48033,vulnerability--38852243-b3cb-4ccc-ac77-652fb1396f77
+vulnerability,CVE-2024-48827,vulnerability--44e95964-b7cc-4d09-a536-0110c8cd779a
+vulnerability,CVE-2024-48769,vulnerability--26a54187-edf4-44c8-85cc-e6c11e75ecd5
+vulnerability,CVE-2024-48020,vulnerability--ab0c6d9b-6e3b-414a-a194-ec7df4df1156
+vulnerability,CVE-2024-48788,vulnerability--4f33b3c6-b8d0-45e8-b420-a793ff8c40c5
+vulnerability,CVE-2024-45396,vulnerability--8b7a7115-8683-491b-bb42-10cbbe7724cc
+vulnerability,CVE-2024-45397,vulnerability--769697ea-1e3d-4961-aa54-d8712fa655dc
+vulnerability,CVE-2024-45754,vulnerability--7de57629-ed91-486e-a546-0f355680d405
+vulnerability,CVE-2024-45402,vulnerability--5c35032c-660c-45ad-985b-eb3f26885cca
+vulnerability,CVE-2024-45184,vulnerability--35829c5b-46d2-4b0f-bf2e-bf0c3d4a7dbd
+vulnerability,CVE-2024-45317,vulnerability--3bd92cf9-fc6f-4ddc-994a-ef0f2334624e
+vulnerability,CVE-2024-45316,vulnerability--ca50e84f-6d27-4660-8c91-d37c74794646
+vulnerability,CVE-2024-45403,vulnerability--062cc627-29cb-4c63-a5ac-d04858f86f5e
+vulnerability,CVE-2024-45315,vulnerability--08c2151a-ca46-4157-a837-a0c28b0d0856
+vulnerability,CVE-2024-9587,vulnerability--af0ddc3f-2c3d-43e8-a002-3eba7bd99e19
+vulnerability,CVE-2024-9616,vulnerability--e865067a-6ced-442f-8b29-06f6ad5e7c52
+vulnerability,CVE-2024-9539,vulnerability--f3c5137a-9c92-43f2-a70c-e7ffe46ab67d
+vulnerability,CVE-2024-9856,vulnerability--211e0b29-cff7-4aa4-a798-21aef6fb0821
+vulnerability,CVE-2024-9507,vulnerability--45b9c11f-ee4c-44b7-b6e3-0e12fc448439
+vulnerability,CVE-2024-9211,vulnerability--fab12527-4d39-4e08-b8ca-38672d228dd8
+vulnerability,CVE-2024-9538,vulnerability--98de8d08-2e63-4235-97d1-1694822abb5d
+vulnerability,CVE-2024-9436,vulnerability--e917e3bd-7b04-4aa6-834b-4c9d8a024002
+vulnerability,CVE-2024-9002,vulnerability--495119dd-1289-43db-99d9-121e2237e7f1
+vulnerability,CVE-2024-9046,vulnerability--8bfafd79-4ae0-4f97-aa0d-5a62cf7e473e
+vulnerability,CVE-2024-9232,vulnerability--e8b22a78-f431-4eb4-bf3f-94bae6e30e78
+vulnerability,CVE-2024-9859,vulnerability--b4a87792-2070-458b-b319-baf1c6e46749
+vulnerability,CVE-2024-9346,vulnerability--17a9de83-64e1-4b37-adc1-281d1085fb79
+vulnerability,CVE-2024-9221,vulnerability--32cd8494-ac97-4495-907d-591231e7e409
+vulnerability,CVE-2024-9234,vulnerability--fda480db-dec3-4d13-bbaf-97abe6c8e20b
+vulnerability,CVE-2024-9822,vulnerability--cbadd305-51c6-4f10-a4fe-45c527c00ff2
+vulnerability,CVE-2024-9051,vulnerability--f0265d57-8320-496f-b9e3-eebb3a09d1e8
+vulnerability,CVE-2024-9543,vulnerability--f2ed5ff3-9e6d-45c9-9ac4-0b4183b561d8
+vulnerability,CVE-2024-9855,vulnerability--9205cfad-79fd-4078-8c2a-30e6480b4a31
+vulnerability,CVE-2024-9586,vulnerability--b82d11fd-48e2-4faa-9bd1-d8dfc6873405
+vulnerability,CVE-2024-9611,vulnerability--3d38f2e0-de60-4a00-bc35-f51d2c32cea0
+vulnerability,CVE-2024-9707,vulnerability--46b6a4b3-d4e0-422b-9f2e-37c27ca5144a
+vulnerability,CVE-2024-9164,vulnerability--803e69b6-a377-4c17-97d1-6f6564839a6d
+vulnerability,CVE-2024-9610,vulnerability--6dd21125-ba4b-4fd3-a3de-401630c8cf7c
+vulnerability,CVE-2024-39534,vulnerability--97d2074d-e105-406e-a972-19672e04c783
+vulnerability,CVE-2024-39547,vulnerability--dfed6007-5876-43c3-a15f-09b2a1b45cd4
+vulnerability,CVE-2024-39563,vulnerability--e2693d57-7fa4-4e21-935f-5731c450ac7c
+vulnerability,CVE-2024-39527,vulnerability--e9bf3399-7486-47ec-aea1-7ee04100196e
+vulnerability,CVE-2024-39544,vulnerability--171580b5-3186-4855-88a7-7030a91794c9
+vulnerability,CVE-2024-39526,vulnerability--e22f09a6-b151-4fd4-8fd6-92eb556e1eb1
+vulnerability,CVE-2024-47494,vulnerability--0a9bfc25-b354-4a6c-b74c-584f54de5e30
+vulnerability,CVE-2024-47503,vulnerability--979c34ac-fede-4beb-992c-43d3f264cdcc
+vulnerability,CVE-2024-47353,vulnerability--810984f5-95d2-4d22-8c8a-0755c381a269
+vulnerability,CVE-2024-47506,vulnerability--0ee0f4cc-248d-4e92-8439-aadf1bcc3df9
+vulnerability,CVE-2024-47504,vulnerability--00a3aa4b-76dd-4a33-beef-3f80dbf0ec1f
+vulnerability,CVE-2024-47331,vulnerability--90cc05ce-b636-449f-8515-b92842d5c52f
+vulnerability,CVE-2024-47074,vulnerability--0dabb038-f6ba-4562-a056-c495b6a2ecce
+vulnerability,CVE-2024-47501,vulnerability--5bc2eb4f-1e7c-4963-b875-92456dbce989
+vulnerability,CVE-2024-47498,vulnerability--fcf95a31-92e3-4871-b1fa-da16ed8f4f68
+vulnerability,CVE-2024-47489,vulnerability--9f802651-63d1-42fb-aac6-12d91c30f794
+vulnerability,CVE-2024-47491,vulnerability--caf1fa91-4edf-49e0-b427-d08cecdbb7ca
+vulnerability,CVE-2024-47496,vulnerability--00b1bf2a-cb89-4b86-8005-459ff97d15d1
+vulnerability,CVE-2024-47493,vulnerability--ee5bc8d4-8d5b-48ed-af1a-eddd9efe8549
+vulnerability,CVE-2024-47508,vulnerability--0f128232-15e0-494c-b401-46076bf1cea7
+vulnerability,CVE-2024-47507,vulnerability--1aee975a-826c-4a00-9510-70ceebe08194
+vulnerability,CVE-2024-47875,vulnerability--d767eeaa-3e49-45ed-98f6-5799e6506cef
+vulnerability,CVE-2024-47830,vulnerability--8c589ddc-24c5-496b-b134-1ef6231a067d
+vulnerability,CVE-2024-47509,vulnerability--8f681c9f-4fe8-4426-ac3a-e58928d66d08
+vulnerability,CVE-2024-47499,vulnerability--e2215402-85fd-4059-b109-d42c31963fb3
+vulnerability,CVE-2024-47495,vulnerability--03507b78-df7a-449b-b0f0-50c1ae62575c
+vulnerability,CVE-2024-47497,vulnerability--46569d2b-cba3-41e3-9111-fcea417f0c51
+vulnerability,CVE-2024-47884,vulnerability--748578b0-b1d2-44ae-ae89-a817007d7e48
+vulnerability,CVE-2024-47505,vulnerability--353d1628-0297-4b54-a2df-d20f35fa981e
+vulnerability,CVE-2024-47877,vulnerability--ddef4368-b05b-4481-a178-ac98794be3f1
+vulnerability,CVE-2024-47502,vulnerability--a60d8bbd-6cf6-4005-b479-3be98a11086f
+vulnerability,CVE-2024-47490,vulnerability--c305de9c-4005-4d0d-9bc8-cb6495ec58e0
+vulnerability,CVE-2024-7514,vulnerability--159c2746-bdbb-4e74-a966-8cd3833faf0b
+vulnerability,CVE-2024-25622,vulnerability--53df50b4-8bda-45e6-886e-8db1045eeb30
+vulnerability,CVE-2024-44731,vulnerability--46372af8-fcee-4fb6-9918-6ff71d5b71e8
+vulnerability,CVE-2024-44415,vulnerability--406a1e54-c3e4-484f-8713-c065bfcb9b51
+vulnerability,CVE-2024-44730,vulnerability--a579b0a9-eabc-4696-8280-4fb1dd71d3b9
+vulnerability,CVE-2024-44413,vulnerability--10ec8a98-6b71-4f4e-a007-c47ae10a90b6
+vulnerability,CVE-2024-44734,vulnerability--5f6235db-c721-4e33-bb99-21255a1dcb2b
+vulnerability,CVE-2024-44157,vulnerability--71d4850e-3d5c-4944-b326-c775c4e46845
+vulnerability,CVE-2024-44807,vulnerability--b6b71868-9595-4bcb-ac2e-4edaa1cb2ac6
+vulnerability,CVE-2024-44414,vulnerability--b63b2dd5-176e-4636-ad10-681e9f6d9580
+vulnerability,CVE-2024-44729,vulnerability--5468eb3e-e19d-4e60-98ea-57fd2f1aaad6
+vulnerability,CVE-2024-33580,vulnerability--67cd4f68-cc5f-43f6-a892-857bafcfe51a
+vulnerability,CVE-2024-33579,vulnerability--63940b45-2636-4e9d-bc30-c25b46f489b5
+vulnerability,CVE-2024-33578,vulnerability--3f754403-f44f-4996-918b-598624dffeae
+vulnerability,CVE-2024-33581,vulnerability--ec7a4239-bda0-4475-ab5f-b9c326db05cf
+vulnerability,CVE-2024-33582,vulnerability--514c1f79-bf48-4f63-a679-9cb297cfe237
+vulnerability,CVE-2024-8755,vulnerability--a0d4bbe5-2e12-4469-a559-0c6829a5bbaf
+vulnerability,CVE-2024-8530,vulnerability--a9504174-ee6b-44db-afcf-fbf1bb0e8d48
+vulnerability,CVE-2024-8376,vulnerability--ddf3c733-26d0-445f-a1aa-acd268b10d17
+vulnerability,CVE-2024-8913,vulnerability--243181aa-809c-46e1-94dc-e9204699d8a0
+vulnerability,CVE-2024-8912,vulnerability--b968792f-bb31-44e9-a098-8043128f3585
+vulnerability,CVE-2024-8531,vulnerability--efd27609-8b4b-4dca-b280-b37bcbf47168
+vulnerability,CVE-2024-8970,vulnerability--e6101a8c-a0c7-429b-ad7d-04b9c416638a
+vulnerability,CVE-2024-38365,vulnerability--ac8f469d-143c-4e2a-b334-6f823be404f4
+vulnerability,CVE-2024-21534,vulnerability--88d418d3-0cee-47a9-b9ec-25d73765dfd0
+vulnerability,CVE-2024-35517,vulnerability--a610e57b-d341-4c58-b7ef-70344ecf3c8e
+vulnerability,CVE-2024-35522,vulnerability--9c022f07-116e-452a-8c8a-732de9c6124b
+vulnerability,CVE-2024-46088,vulnerability--02dc9787-7572-4b06-96cb-717073b23598
+vulnerability,CVE-2024-46215,vulnerability--e73e10e7-834d-4355-b003-97b0df6efe4d
+vulnerability,CVE-2024-46532,vulnerability--92fc1f59-ddb5-4398-a289-be174b8294b0
+vulnerability,CVE-2024-46468,vulnerability--485189c2-1382-4fb8-8747-04ef2f61e1ab
+vulnerability,CVE-2024-42018,vulnerability--34f0dd54-04c3-4df6-a0c1-3c22aa23e5af
+vulnerability,CVE-2024-42640,vulnerability--1768ce34-22dd-430a-aa22-3f390d130c9c
+vulnerability,CVE-2024-4132,vulnerability--111430a2-1a4d-460a-9600-a0c19bf1bb69
+vulnerability,CVE-2024-4130,vulnerability--a458f6ed-baed-4f59-b119-cb0d86526287
+vulnerability,CVE-2024-4131,vulnerability--8c6832a7-1131-48b8-99f6-eea558157c39
+vulnerability,CVE-2024-4089,vulnerability--1cfe521b-60c6-41b1-a3b5-8ffba02e3072
+vulnerability,CVE-2024-5005,vulnerability--4771b601-77e3-449f-9aab-f5fc44547635
+vulnerability,CVE-2024-5474,vulnerability--821df951-f8be-48a6-955e-fd947c3a9eda
+vulnerability,CVE-2024-6657,vulnerability--46c9531e-1aba-4fae-af48-163e865009ac
+vulnerability,CVE-2024-6985,vulnerability--b3617e56-d6e7-47f6-ba13-b4c7667474e3
+vulnerability,CVE-2024-6971,vulnerability--8fc34b34-7518-4432-8c45-0f8bbfc404a9
+vulnerability,CVE-2023-42133,vulnerability--36c664f9-15e1-4081-b866-a888afba0dc3

objects/vulnerability/vulnerability--00a3aa4b-76dd-4a33-beef-3f80dbf0ec1f.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--3de7d696-5a44-44c7-918d-24a12bf8c65d",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--00a3aa4b-76dd-4a33-beef-3f80dbf0ec1f",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-12T00:19:54.258967Z",
+            "modified": "2024-10-12T00:19:54.258967Z",
+            "name": "CVE-2024-47504",
+            "description": "An Improper Validation of Specified Type of Input vulnerability in the packet forwarding engine (pfe) Juniper Networks Junos OS on SRX5000 Series allows an unauthenticated, network based attacker to cause a Denial of Service (Dos).\n\nWhen a non-clustered SRX5000 device receives a specifically malformed packet this will cause a flowd crash and restart.\n\nThis issue affects Junos OS:\n\n  *  22.1 releases 22.1R1 and later before 22.2R3-S5,\n  *  22.3 releases before 22.3R3-S4,\n  *  22.4 releases before 22.4R3-S4,\n  *  23.2 releases before 23.2R2-S2,\n  *  23.4 releases before 23.4R2-S1,\n  *  24.2 releases before 24.2R1-S1, 24.2R2.\n\n\nPlease note that the PR does indicate that earlier versions have been fixed as well, but these won't be adversely impacted by this.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-47504"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--00b1bf2a-cb89-4b86-8005-459ff97d15d1.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--773c5046-11f1-4bb5-9e5e-4c5b92469ab9",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--00b1bf2a-cb89-4b86-8005-459ff97d15d1",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-12T00:19:54.278015Z",
+            "modified": "2024-10-12T00:19:54.278015Z",
+            "name": "CVE-2024-47496",
+            "description": "A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows a local, low-privileged attacker to cause a Denial-of-Service (DoS).\n\nWhen a specific command is executed, the pfe crashes. This will cause traffic forwarding to be interrupted until the system self-recovers. Repeated execution will create a sustained DoS condition.\n\n This issue only affects MX Series devices with Line cards MPC1-MPC9.\nThis issue affects:\nJunos OS on MX Series: \n\n\n  *  All versions before 21.4R3-S9, \n  *  from 22.2 before 22.2R3-S5, \n  *  from 22.3 before 22.3R3-S4, \n  *  from 22.4 before 22.4R3-S2, \n  *  from 23.2 before 23.2R2-S1, \n  *  from 23.4 before 23.4R2.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-47496"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--00e9e4c3-2808-4cb1-9d20-e0ca4c4cff0d.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--f8abb797-b803-4153-822d-2d3ade87488d",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--00e9e4c3-2808-4cb1-9d20-e0ca4c4cff0d",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-12T00:19:53.912817Z",
+            "modified": "2024-10-12T00:19:53.912817Z",
+            "name": "CVE-2024-48787",
+            "description": "An issue in Revic Optics Revic Ops (us.revic.revicops) 1.12.5 allows a remote attacker to obtain sensitive information via the firmware update process.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-48787"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--02dc9787-7572-4b06-96cb-717073b23598.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--565f2c33-7c9e-4c3c-8f70-be67531b6f88",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--02dc9787-7572-4b06-96cb-717073b23598",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-12T00:19:55.477523Z",
+            "modified": "2024-10-12T00:19:55.477523Z",
+            "name": "CVE-2024-46088",
+            "description": "An arbitrary file upload vulnerability in the ProductAction.entphone interface of Zhejiang University Entersoft Customer Resource Management System v2002 to v2024 allows attackers to execute arbitrary code via uploading a crafted file.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-46088"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--03507b78-df7a-449b-b0f0-50c1ae62575c.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--d97deb4a-6626-4f35-a5f3-ba3818091fdc",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--03507b78-df7a-449b-b0f0-50c1ae62575c",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-12T00:19:54.30048Z",
+            "modified": "2024-10-12T00:19:54.30048Z",
+            "name": "CVE-2024-47495",
+            "description": "An Authorization Bypass Through User-Controlled Key vulnerability allows a locally authenticated attacker with shell access to gain full control of the device when Dual Routing Engines (REs) are in use on Juniper Networks Junos OS Evolved devices.\n\nThis issue affects:\nJuniper Networks Junos OS Evolved with dual-REs:\n  *  All versions before 21.2R3-S8-EVO,\n  *  from 21.4-EVO before 21.4R3-S8-EVO,\n  *  from 22.2-EVO before 22.2R3-S4-EVO,\n  *  from 22.3-EVO before 22.3R3-S4-EVO,\n  *  from 22.4-EVO before 22.4R3-S3-EVO,\n  *  from 23.2-EVO before 23.2R2-S1-EVO,\n  *  from 23.4-EVO before 23.4R2-S1-EVO.\n\n\n\nThis issue does not affect Juniper Networks Junos OS.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-47495"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--062cc627-29cb-4c63-a5ac-d04858f86f5e.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--cbd81227-dfe5-4de7-bead-00f901c786e4",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--062cc627-29cb-4c63-a5ac-d04858f86f5e",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-12T00:19:54.101016Z",
+            "modified": "2024-10-12T00:19:54.101016Z",
+            "name": "CVE-2024-45403",
+            "description": "h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. When h2o is configured as a reverse proxy and HTTP/3 requests are cancelled by the client, h2o might crash due to an assertion failure. The crash can be exploited by an attacker to mount a Denial-of-Service attack. By default, the h2o standalone server automatically restarts, minimizing the impact. However, HTTP requests that were served concurrently will still be disrupted. The vulnerability has been addressed in commit 1ed32b2. Users may disable the use of HTTP/3 to mitigate the issue.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-45403"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--08c2151a-ca46-4157-a837-a0c28b0d0856.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--71531278-e18d-4260-87db-1fecc8994a41",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--08c2151a-ca46-4157-a837-a0c28b0d0856",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2024-10-12T00:19:54.105416Z",
+            "modified": "2024-10-12T00:19:54.105416Z",
+            "name": "CVE-2024-45315",
+            "description": "The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to create arbitrary folders and files, potentially leading to local Denial of Service (DoS) attack.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-45315"
+                }
+            ]
+        }
+    ]
+}