generated content from 2023-08-31

mapping.csv

@@ -211306,3 +211306,118 @@ vulnerability,CVE-2023-4572,vulnerability--d59706bb-ea20-4b3a-99c8-7fe80a97b580
 vulnerability,CVE-2023-4296,vulnerability--0a7e5821-3f18-47ad-88b1-24ef6b22292b
 vulnerability,CVE-2023-4611,vulnerability--030553f5-d464-456c-ba7b-5afc75df5828
 vulnerability,CVE-2020-18912,vulnerability--fd8f5182-8c36-4848-a9c7-4c303dfc676c
+vulnerability,CVE-2023-38970,vulnerability--d60f2f6a-b48e-4c52-af32-65183e283a6e
+vulnerability,CVE-2023-40842,vulnerability--ad064feb-938f-4886-a276-0af6adbd4a90
+vulnerability,CVE-2023-40596,vulnerability--cd3e732a-7de1-4994-ab3f-209b637ea3b2
+vulnerability,CVE-2023-40844,vulnerability--a9d5fd94-60ab-4c06-abb3-97262d4a997a
+vulnerability,CVE-2023-40597,vulnerability--bf49edaf-6a7f-4eef-8bb6-eb6468e99ab5
+vulnerability,CVE-2023-40595,vulnerability--b73a223c-4e0f-4724-b06f-0bc62f261863
+vulnerability,CVE-2023-40845,vulnerability--cb0cde20-dee9-4bdb-b2b8-a2f720f16983
+vulnerability,CVE-2023-40598,vulnerability--e63a0210-03b9-4048-b5fc-e170bea646a5
+vulnerability,CVE-2023-40837,vulnerability--75046f53-fcdc-486e-b537-b63faec0e649
+vulnerability,CVE-2023-40847,vulnerability--7cf80e65-979b-4b9c-9772-b1c533b43460
+vulnerability,CVE-2023-40843,vulnerability--4495f83f-c0b7-412d-9966-84963df27e25
+vulnerability,CVE-2023-40593,vulnerability--38b00ee5-c5d6-4bb1-a5a1-fecbc305a358
+vulnerability,CVE-2023-40839,vulnerability--d907386b-60c0-45fa-85e9-1dc0654c263f
+vulnerability,CVE-2023-40184,vulnerability--d958e86e-5840-4cfe-ac69-b00378eccf32
+vulnerability,CVE-2023-40582,vulnerability--28666625-8687-4838-9ceb-1b0b6a32228a
+vulnerability,CVE-2023-40841,vulnerability--231abd93-5901-4621-b8aa-f058ca87ee20
+vulnerability,CVE-2023-40594,vulnerability--f2e8bd6e-b5f6-4967-b26b-3016a2c02aab
+vulnerability,CVE-2023-40592,vulnerability--7c97faad-01e4-4109-8c24-7a3bf39ee31e
+vulnerability,CVE-2023-40848,vulnerability--f88fdddb-9259-49dc-8989-bbae779f8eca
+vulnerability,CVE-2023-40838,vulnerability--ea2a4f9d-b8aa-446b-8dd8-88582d883911
+vulnerability,CVE-2023-40840,vulnerability--73735062-1866-4cab-8367-ba1628908606
+vulnerability,CVE-2023-20266,vulnerability--53d8711c-05e6-4715-92c0-2e155c3bdd9b
+vulnerability,CVE-2023-28692,vulnerability--6c57f047-87ff-4e41-bf79-7ef05b613322
+vulnerability,CVE-2023-28415,vulnerability--01d7621e-e3f0-4dc0-ab0f-39b26c25452b
+vulnerability,CVE-2023-3992,vulnerability--7d006544-9ede-4bac-be6d-dc9d4cc4a8e7
+vulnerability,CVE-2023-3489,vulnerability--2c88076f-2d9c-46ad-9661-11152c417696
+vulnerability,CVE-2023-3356,vulnerability--a2dc567b-b140-406b-93d6-79e037fd0db5
+vulnerability,CVE-2023-3136,vulnerability--857a3407-46ef-4edc-a38d-fd1be7751998
+vulnerability,CVE-2023-3720,vulnerability--4c704a51-c2aa-4415-ba57-f0b437eff5eb
+vulnerability,CVE-2023-3501,vulnerability--99d17d32-f426-40bf-b3d4-0e871bc62770
+vulnerability,CVE-2023-39137,vulnerability--f6527581-5f97-422f-8715-b053b3851851
+vulnerability,CVE-2023-39135,vulnerability--29d22d5b-38d9-4202-b4bc-e1e06139ef47
+vulnerability,CVE-2023-39138,vulnerability--1dffbea0-cd77-43ab-94b5-6df67dfd3bed
+vulnerability,CVE-2023-39139,vulnerability--06d6abaf-de49-4319-9459-0961ab57f153
+vulnerability,CVE-2023-39136,vulnerability--73257a5c-e39e-4cd1-af53-4adff8ccda2b
+vulnerability,CVE-2023-31714,vulnerability--a3dcaa12-854c-4655-a0a0-0e1463e3093d
+vulnerability,CVE-2023-1982,vulnerability--dbe07401-1951-418a-a3b7-35f8180b297a
+vulnerability,CVE-2023-23765,vulnerability--83a85d3d-6148-4b98-a089-1493ef1d9629
+vulnerability,CVE-2023-36811,vulnerability--e9110026-f69f-4601-97a3-4a29e8e1f7c8
+vulnerability,CVE-2023-25466,vulnerability--404bfa9e-12f6-4dd4-8021-cc9736273e91
+vulnerability,CVE-2023-25453,vulnerability--30165cec-bb12-4e12-9a75-4629069146c7
+vulnerability,CVE-2023-25471,vulnerability--9f2fa5ee-a565-43b2-8a91-2261116edbb3
+vulnerability,CVE-2023-25019,vulnerability--44264feb-139c-4e9c-b477-7cb592fb212e
+vulnerability,CVE-2023-25462,vulnerability--2b19c100-e5e7-44e7-aea7-81fa8d96f47c
+vulnerability,CVE-2023-35094,vulnerability--688bf9d3-41db-41e4-a09a-1ad42356382b
+vulnerability,CVE-2023-35092,vulnerability--1d6aa7f9-7a46-41ce-b7c1-b1a660556a46
+vulnerability,CVE-2023-34173,vulnerability--a46d94a9-ce8f-4516-9920-0d94866e3455
+vulnerability,CVE-2023-34022,vulnerability--3790b23e-65fb-4497-8140-d5d0edb90920
+vulnerability,CVE-2023-34184,vulnerability--ad5b1b66-d761-47a6-af2f-5722f0461259
+vulnerability,CVE-2023-34008,vulnerability--2c6a4a3c-5b65-4ba6-bfab-133831998f82
+vulnerability,CVE-2023-34174,vulnerability--a87c89e0-d76f-4884-b620-d376d3d1c4ed
+vulnerability,CVE-2023-34187,vulnerability--5a820882-d663-4d9b-9e8d-48c3beb8597d
+vulnerability,CVE-2023-34180,vulnerability--e18e4073-664f-448c-bcf1-151067a78829
+vulnerability,CVE-2023-34032,vulnerability--1382a39e-9dc1-4642-934b-89827451a3ac
+vulnerability,CVE-2023-34023,vulnerability--c93260c2-8e90-4583-85c5-53e3b6844cae
+vulnerability,CVE-2023-34004,vulnerability--6b1b9289-9fb8-4f2f-949a-e9e5eb1ef5cb
+vulnerability,CVE-2023-34172,vulnerability--1dfb23b1-2f81-4c0c-a0ea-78b4acd9502b
+vulnerability,CVE-2023-34175,vulnerability--3946374c-02d0-4341-8eb1-b82b2c8de96e
+vulnerability,CVE-2023-34176,vulnerability--a06a671d-5f0b-4cfd-b30a-b0434a659b01
+vulnerability,CVE-2023-34183,vulnerability--06886e11-8f83-424e-a150-a8ba32af3f2e
+vulnerability,CVE-2023-34372,vulnerability--4b7e7879-aa55-46e7-b272-22c60df95083
+vulnerability,CVE-2023-33320,vulnerability--b0ccaf47-b036-4008-b8c4-077fa1894838
+vulnerability,CVE-2023-33317,vulnerability--3d603dc7-08a0-471e-9122-37c605dd11f9
+vulnerability,CVE-2023-33929,vulnerability--07dd6d4e-a016-468f-b8c4-6e1cb3253999
+vulnerability,CVE-2023-33210,vulnerability--1ac5e9b6-fcd6-4da5-8f64-9c8b20d5b83a
+vulnerability,CVE-2023-33208,vulnerability--cc4dce1a-6233-4362-96fc-19ceaedebcfe
+vulnerability,CVE-2023-33325,vulnerability--13dbcc0b-f2f4-4d0b-b14d-2fb6dc4fc78e
+vulnerability,CVE-2023-41040,vulnerability--17a42b83-aeb9-491a-ad9d-4df503fc3fe5
+vulnerability,CVE-2023-41555,vulnerability--5925ae06-a4d4-4649-ad56-3d75d7a6af8c
+vulnerability,CVE-2023-41163,vulnerability--775da1d9-401b-44ba-ae12-62c10a5dfe83
+vulnerability,CVE-2023-41039,vulnerability--e8a24c78-b2d8-4e22-983e-c7b488580158
+vulnerability,CVE-2023-41563,vulnerability--af57cceb-0417-4548-a9d7-5f5b8bbe2819
+vulnerability,CVE-2023-41556,vulnerability--ab7553cf-b2b8-4911-87b9-85a4b04e53a6
+vulnerability,CVE-2023-41554,vulnerability--35353e1a-676d-409c-b5d4-df54f1a1cbf3
+vulnerability,CVE-2023-41553,vulnerability--f746fac6-2558-4535-9750-e953acf55ee3
+vulnerability,CVE-2023-41041,vulnerability--c2ad58ed-a55e-4a0b-a70c-a959d3ab3da3
+vulnerability,CVE-2023-41562,vulnerability--76a04e8c-cb5f-480b-bf67-322ce8b7fb39
+vulnerability,CVE-2023-41557,vulnerability--f13f4bb6-2d19-4f68-9f59-c817b2e89e86
+vulnerability,CVE-2023-41538,vulnerability--4bef65db-2574-451f-9508-a3dc3863e6ae
+vulnerability,CVE-2023-41558,vulnerability--5fb4ce04-55f0-41bd-b6e2-e6f3c37a307d
+vulnerability,CVE-2023-41561,vulnerability--b7b928d8-509d-4d94-bc10-81c759b93516
+vulnerability,CVE-2023-41537,vulnerability--2130372a-87ee-4f6f-823b-8b9892cb4fcb
+vulnerability,CVE-2023-41539,vulnerability--679b56ae-1010-4d81-909d-3aa208b8cdb0
+vulnerability,CVE-2023-41552,vulnerability--7c9cd331-3371-46a2-a4ac-5b28ef707469
+vulnerability,CVE-2023-41560,vulnerability--23211f83-a30f-432e-bce4-129d82564db0
+vulnerability,CVE-2023-41559,vulnerability--6615dc40-ac51-45d7-b5f0-9729860bbcf1
+vulnerability,CVE-2023-32746,vulnerability--9cb75134-9b4b-4763-b162-dbb9f9ae0b3c
+vulnerability,CVE-2023-32294,vulnerability--177a67b8-2120-4e1c-823b-f61ba95b40df
+vulnerability,CVE-2023-32740,vulnerability--cfd1074b-741a-4a79-92f4-27a4022d1ce3
+vulnerability,CVE-2023-32597,vulnerability--bb0d5da0-66a0-4376-b37c-fada8407e301
+vulnerability,CVE-2023-32962,vulnerability--e084d30d-3681-4898-9f0b-cae5d86b9fa0
+vulnerability,CVE-2023-32802,vulnerability--907260aa-13c8-4a24-b5b0-ede44db61af8
+vulnerability,CVE-2023-32793,vulnerability--c1d58d97-a62f-4c99-9ebb-73953570384e
+vulnerability,CVE-2023-32801,vulnerability--2a60f196-db48-46bd-83c9-8e0c9ca35d3d
+vulnerability,CVE-2023-32742,vulnerability--57f00b4c-abaa-4cc5-a92b-282f61439d5c
+vulnerability,CVE-2023-24397,vulnerability--91320ae0-fd69-4b23-a5c5-404777c3f833
+vulnerability,CVE-2023-24401,vulnerability--98ac6127-3d4a-4b53-aa40-be1874f85af2
+vulnerability,CVE-2023-4600,vulnerability--2fdd32bd-e697-410b-a70e-5da105c60e7a
+vulnerability,CVE-2023-4522,vulnerability--57d00ef8-4a56-47cf-9183-c7cf50015a0b
+vulnerability,CVE-2023-4023,vulnerability--7fb5b2b5-dea0-4040-9879-46be7cb4ea5d
+vulnerability,CVE-2023-4640,vulnerability--55bac690-7fb4-48fd-816d-7779fa3dd06c
+vulnerability,CVE-2023-4150,vulnerability--08c2b318-b289-49bf-8a70-7e311464a79f
+vulnerability,CVE-2023-4624,vulnerability--f23eac98-8bf6-4341-98f7-124fe3961f21
+vulnerability,CVE-2023-4597,vulnerability--87347964-cfc7-4cc8-a56d-4cae9d3eb1f0
+vulnerability,CVE-2023-4599,vulnerability--72eb2509-0f76-4ecd-a936-522f939c2ae9
+vulnerability,CVE-2023-4036,vulnerability--fd137f78-a0eb-4dde-99a4-d66517211542
+vulnerability,CVE-2023-4109,vulnerability--a5cd1e19-25e8-433d-8055-6ef45be302dc
+vulnerability,CVE-2023-4596,vulnerability--b760fbe0-14ab-44e3-be03-292704342629
+vulnerability,CVE-2023-4013,vulnerability--42d9ae82-8182-4f70-bdeb-4ed0638c4c38
+vulnerability,CVE-2023-4209,vulnerability--e3a7aa4b-462c-4a86-aa19-92b8c38c01f1
+vulnerability,CVE-2023-4035,vulnerability--05fba35f-233e-4e6e-83d1-7887ce05e116
+vulnerability,CVE-2023-4571,vulnerability--c298dcac-5f4c-43d4-a17c-c3541f6b7e37
+vulnerability,CVE-2023-27426,vulnerability--f8d17965-3f7c-4769-bda4-3044cb691662
+vulnerability,CVE-2023-27621,vulnerability--dbe99232-9b37-4091-8ee6-2dd092155b6b
+vulnerability,CVE-2022-1601,vulnerability--c7b4bea1-a722-4f1e-98bd-417df328910c

objects/vulnerability/vulnerability--01d7621e-e3f0-4dc0-ab0f-39b26c25452b.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--05c9b62c-1991-4433-83ec-f18b7c537328",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--01d7621e-e3f0-4dc0-ab0f-39b26c25452b",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2023-08-31T00:05:09.023653Z",
+            "modified": "2023-08-31T00:05:09.023653Z",
+            "name": "CVE-2023-28415",
+            "description": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in XootiX Side Cart Woocommerce (Ajax) plugin <= 2.2 versions.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2023-28415"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--05fba35f-233e-4e6e-83d1-7887ce05e116.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--caddeb28-9a55-4938-87c4-3c8909cf9ae5",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--05fba35f-233e-4e6e-83d1-7887ce05e116",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2023-08-31T00:05:10.281057Z",
+            "modified": "2023-08-31T00:05:10.281057Z",
+            "name": "CVE-2023-4035",
+            "description": "The Simple Blog Card WordPress plugin before 1.31 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2023-4035"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--06886e11-8f83-424e-a150-a8ba32af3f2e.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--4409192d-576a-4426-b74e-92e0d2e31650",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--06886e11-8f83-424e-a150-a8ba32af3f2e",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2023-08-31T00:05:09.707978Z",
+            "modified": "2023-08-31T00:05:09.707978Z",
+            "name": "CVE-2023-34183",
+            "description": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Valiano Unite Gallery Lite plugin <= 1.7.61 versions.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2023-34183"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--06d6abaf-de49-4319-9459-0961ab57f153.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--1236ccd4-6fc1-44f8-b8a1-f7b1e6e9ecc5",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--06d6abaf-de49-4319-9459-0961ab57f153",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2023-08-31T00:05:09.135497Z",
+            "modified": "2023-08-31T00:05:09.135497Z",
+            "name": "CVE-2023-39139",
+            "description": "An issue in Archive v3.3.7 allows attackers to execute a path traversal via extracting a crafted zip file.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2023-39139"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--07dd6d4e-a016-468f-b8c4-6e1cb3253999.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--43d411ed-2d89-4cd7-810d-3f0237dd07a9",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--07dd6d4e-a016-468f-b8c4-6e1cb3253999",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2023-08-31T00:05:09.739928Z",
+            "modified": "2023-08-31T00:05:09.739928Z",
+            "name": "CVE-2023-33929",
+            "description": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joaquín Ruiz Easy Admin Menu plugin <= 1.3 versions.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2023-33929"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--08c2b318-b289-49bf-8a70-7e311464a79f.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--36e3a958-fa90-4c1a-853d-5a07d657d1f5",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--08c2b318-b289-49bf-8a70-7e311464a79f",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2023-08-31T00:05:10.254438Z",
+            "modified": "2023-08-31T00:05:10.254438Z",
+            "name": "CVE-2023-4150",
+            "description": "The User Activity Tracking and Log WordPress plugin before 4.0.9 does not have proper CSRF checks when managing its license, which could allow attackers to make logged in admins update and deactivate the plugin's license via CSRF attacks",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2023-4150"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--1382a39e-9dc1-4642-934b-89827451a3ac.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--e8427e27-8788-4182-8fd2-ac645c030e03",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--1382a39e-9dc1-4642-934b-89827451a3ac",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2023-08-31T00:05:09.674299Z",
+            "modified": "2023-08-31T00:05:09.674299Z",
+            "name": "CVE-2023-34032",
+            "description": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Pascal Casier bbPress Toolkit plugin <= 1.0.12 versions.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2023-34032"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--13dbcc0b-f2f4-4d0b-b14d-2fb6dc4fc78e.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--00746f6d-da56-4d1c-94cd-1429bf975e57",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--13dbcc0b-f2f4-4d0b-b14d-2fb6dc4fc78e",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2023-08-31T00:05:09.770245Z",
+            "modified": "2023-08-31T00:05:09.770245Z",
+            "name": "CVE-2023-33325",
+            "description": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Teplitsa of social technologies Leyka plugin <= 3.30.1 versions.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2023-33325"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--177a67b8-2120-4e1c-823b-f61ba95b40df.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--2da0990a-46f8-4c7f-b8f0-5527e19a5552",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--177a67b8-2120-4e1c-823b-f61ba95b40df",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2023-08-31T00:05:09.833792Z",
+            "modified": "2023-08-31T00:05:09.833792Z",
+            "name": "CVE-2023-32294",
+            "description": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Radical Web Design GDPR Cookie Consent Notice Box plugin <= 1.1.6 versions.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2023-32294"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--17a42b83-aeb9-491a-ad9d-4df503fc3fe5.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--e13d9009-18d4-4936-8961-d53dd6e08b19",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--17a42b83-aeb9-491a-ad9d-4df503fc3fe5",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2023-08-31T00:05:09.772907Z",
+            "modified": "2023-08-31T00:05:09.772907Z",
+            "name": "CVE-2023-41040",
+            "description": " GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the `.git` directory, in some places the name of the file being read is provided by the user, GitPython doesn't check if this file is located outside the `.git` directory. This allows an attacker to make GitPython read any file from the system. This vulnerability is present in https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175. That code joins the base directory with a user given string without checking if the final path is located outside the base directory. This vulnerability cannot be used to read the contents of files but could in theory be used to trigger a denial of service for the program. This issue has not yet been addressed.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2023-41040"
+                }
+            ]
+        }
+    ]
+}