更新：20240807

Signed-off-by: Jia Chao <jiac13@chinaunicom.cn>
2024-08-07 09:51:34 +08:00 · 2024-08-07 09:51:34 +08:00 · 5cde716b34
commit 5cde716b34
parent 658ba0e7e8
93 changed files with 91131 additions and 31 deletions
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1881.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1881.json
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1882.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1882.json
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1883.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1883.json
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1884.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1884.json
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1885.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1885.json
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1886.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1886.json
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1887.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1887.json
@ -0,0 +1,253 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"Medium"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"python-zipp security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for python-zipp is now available for openEuler-24.03-LTS",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"A pathlib-compatible Zipfile object wrapper. A backport of the Path object.\n\nSecurity Fix(es):\n\nA Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects. The infinite loop can be initiated through the use of functions affecting the `Path` module in both zipp and zipfile, such as `joinpath`, the overloaded division operator, and `iterdir`. Although the infinite loop is not resource exhaustive, it prevents the application from responding. The vulnerability was addressed in version 3.19.1 of jaraco/zipp.(CVE-2024-5569)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for python-zipp is now available for openEuler-24.03-LTS.\n\nopenEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"Medium",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"python-zipp",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1887",
+				"category":"self",
+				"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1887"
+			},
+			{
+				"summary":"CVE-2024-5569",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-5569&packageName=python-zipp"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-5569"
+			},
+			{
+				"summary":"openEuler-SA-2024-1887 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1887.json"
+			}
+		],
+		"title":"An update for python-zipp is now available for openEuler-24.03-LTS",
+		"tracking":{
+			"initial_release_date":"2024-07-26T20:58:31+08:00",
+			"revision_history":[
+				{
+					"date":"2024-07-26T20:58:31+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-07-26T20:58:31+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-07-26T20:58:31+08:00",
+			"id":"openEuler-SA-2024-1887",
+			"version":"1.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"openEuler-24.03-LTS",
+									"name":"openEuler-24.03-LTS"
+								},
+								"name":"openEuler-24.03-LTS",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python-zipp-3.17.0-2.oe2403.src.rpm",
+									"name":"python-zipp-3.17.0-2.oe2403.src.rpm"
+								},
+								"name":"python-zipp-3.17.0-2.oe2403.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"noarch",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python-zipp-help-3.17.0-2.oe2403.noarch.rpm",
+									"name":"python-zipp-help-3.17.0-2.oe2403.noarch.rpm"
+								},
+								"name":"python-zipp-help-3.17.0-2.oe2403.noarch.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python3-zipp-3.17.0-2.oe2403.noarch.rpm",
+									"name":"python3-zipp-3.17.0-2.oe2403.noarch.rpm"
+								},
+								"name":"python3-zipp-3.17.0-2.oe2403.noarch.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python-zipp-3.17.0-2.oe2403.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python-zipp-3.17.0-2.oe2403.src",
+					"name":"python-zipp-3.17.0-2.oe2403.src as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python-zipp-help-3.17.0-2.oe2403.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python-zipp-help-3.17.0-2.oe2403.noarch",
+					"name":"python-zipp-help-3.17.0-2.oe2403.noarch as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python3-zipp-3.17.0-2.oe2403.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python3-zipp-3.17.0-2.oe2403.noarch",
+					"name":"python3-zipp-3.17.0-2.oe2403.noarch as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2024-5569",
+			"notes":[
+				{
+					"text":"A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects. The infinite loop can be initiated through the use of functions affecting the `Path` module in both zipp and zipfile, such as `joinpath`, the overloaded division operator, and `iterdir`. Although the infinite loop is not resource exhaustive, it prevents the application from responding. The vulnerability was addressed in version 3.19.1 of jaraco/zipp.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-24.03-LTS:python-zipp-3.17.0-2.oe2403.src",
+					"openEuler-24.03-LTS:python-zipp-help-3.17.0-2.oe2403.noarch",
+					"openEuler-24.03-LTS:python3-zipp-3.17.0-2.oe2403.noarch"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-24.03-LTS:python-zipp-3.17.0-2.oe2403.src",
+						"openEuler-24.03-LTS:python-zipp-help-3.17.0-2.oe2403.noarch",
+						"openEuler-24.03-LTS:python3-zipp-3.17.0-2.oe2403.noarch"
+					],
+					"details":"python-zipp security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1887"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":6.2,
+						"vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-24.03-LTS:python-zipp-3.17.0-2.oe2403.src",
+						"openEuler-24.03-LTS:python-zipp-help-3.17.0-2.oe2403.noarch",
+						"openEuler-24.03-LTS:python3-zipp-3.17.0-2.oe2403.noarch"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-5569"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1888.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1888.json
@ -0,0 +1,253 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"Medium"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"python-zipp security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for python-zipp is now available for openEuler-22.03-LTS-SP4",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"A pathlib-compatible Zipfile object wrapper. A backport of the Path object.\n\nSecurity Fix(es):\n\nA Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects. The infinite loop can be initiated through the use of functions affecting the `Path` module in both zipp and zipfile, such as `joinpath`, the overloaded division operator, and `iterdir`. Although the infinite loop is not resource exhaustive, it prevents the application from responding. The vulnerability was addressed in version 3.19.1 of jaraco/zipp.(CVE-2024-5569)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for python-zipp is now available for openEuler-22.03-LTS-SP4.\n\nopenEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"Medium",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"python-zipp",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1888",
+				"category":"self",
+				"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1888"
+			},
+			{
+				"summary":"CVE-2024-5569",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-5569&packageName=python-zipp"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-5569"
+			},
+			{
+				"summary":"openEuler-SA-2024-1888 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1888.json"
+			}
+		],
+		"title":"An update for python-zipp is now available for openEuler-22.03-LTS-SP4",
+		"tracking":{
+			"initial_release_date":"2024-07-26T20:58:32+08:00",
+			"revision_history":[
+				{
+					"date":"2024-07-26T20:58:32+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-07-26T20:58:32+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-07-26T20:58:32+08:00",
+			"id":"openEuler-SA-2024-1888",
+			"version":"1.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"openEuler-22.03-LTS-SP4",
+									"name":"openEuler-22.03-LTS-SP4"
+								},
+								"name":"openEuler-22.03-LTS-SP4",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"python-zipp-3.7.0-3.oe2203sp4.src.rpm",
+									"name":"python-zipp-3.7.0-3.oe2203sp4.src.rpm"
+								},
+								"name":"python-zipp-3.7.0-3.oe2203sp4.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"noarch",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"python-zipp-help-3.7.0-3.oe2203sp4.noarch.rpm",
+									"name":"python-zipp-help-3.7.0-3.oe2203sp4.noarch.rpm"
+								},
+								"name":"python-zipp-help-3.7.0-3.oe2203sp4.noarch.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"python3-zipp-3.7.0-3.oe2203sp4.noarch.rpm",
+									"name":"python3-zipp-3.7.0-3.oe2203sp4.noarch.rpm"
+								},
+								"name":"python3-zipp-3.7.0-3.oe2203sp4.noarch.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"python-zipp-3.7.0-3.oe2203sp4.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:python-zipp-3.7.0-3.oe2203sp4.src",
+					"name":"python-zipp-3.7.0-3.oe2203sp4.src as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"python-zipp-help-3.7.0-3.oe2203sp4.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:python-zipp-help-3.7.0-3.oe2203sp4.noarch",
+					"name":"python-zipp-help-3.7.0-3.oe2203sp4.noarch as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"python3-zipp-3.7.0-3.oe2203sp4.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:python3-zipp-3.7.0-3.oe2203sp4.noarch",
+					"name":"python3-zipp-3.7.0-3.oe2203sp4.noarch as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2024-5569",
+			"notes":[
+				{
+					"text":"A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects. The infinite loop can be initiated through the use of functions affecting the `Path` module in both zipp and zipfile, such as `joinpath`, the overloaded division operator, and `iterdir`. Although the infinite loop is not resource exhaustive, it prevents the application from responding. The vulnerability was addressed in version 3.19.1 of jaraco/zipp.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP4:python-zipp-3.7.0-3.oe2203sp4.src",
+					"openEuler-22.03-LTS-SP4:python-zipp-help-3.7.0-3.oe2203sp4.noarch",
+					"openEuler-22.03-LTS-SP4:python3-zipp-3.7.0-3.oe2203sp4.noarch"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP4:python-zipp-3.7.0-3.oe2203sp4.src",
+						"openEuler-22.03-LTS-SP4:python-zipp-help-3.7.0-3.oe2203sp4.noarch",
+						"openEuler-22.03-LTS-SP4:python3-zipp-3.7.0-3.oe2203sp4.noarch"
+					],
+					"details":"python-zipp security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1888"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":6.2,
+						"vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP4:python-zipp-3.7.0-3.oe2203sp4.src",
+						"openEuler-22.03-LTS-SP4:python-zipp-help-3.7.0-3.oe2203sp4.noarch",
+						"openEuler-22.03-LTS-SP4:python3-zipp-3.7.0-3.oe2203sp4.noarch"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-5569"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1889.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1889.json
@ -0,0 +1,253 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"Medium"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"python-zipp security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for python-zipp is now available for openEuler-22.03-LTS-SP3",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"A pathlib-compatible Zipfile object wrapper. A backport of the Path object.\n\nSecurity Fix(es):\n\nA Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects. The infinite loop can be initiated through the use of functions affecting the `Path` module in both zipp and zipfile, such as `joinpath`, the overloaded division operator, and `iterdir`. Although the infinite loop is not resource exhaustive, it prevents the application from responding. The vulnerability was addressed in version 3.19.1 of jaraco/zipp.(CVE-2024-5569)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for python-zipp is now available for openEuler-22.03-LTS-SP3.\n\nopenEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"Medium",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"python-zipp",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1889",
+				"category":"self",
+				"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1889"
+			},
+			{
+				"summary":"CVE-2024-5569",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-5569&packageName=python-zipp"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-5569"
+			},
+			{
+				"summary":"openEuler-SA-2024-1889 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1889.json"
+			}
+		],
+		"title":"An update for python-zipp is now available for openEuler-22.03-LTS-SP3",
+		"tracking":{
+			"initial_release_date":"2024-07-26T20:58:33+08:00",
+			"revision_history":[
+				{
+					"date":"2024-07-26T20:58:33+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-07-26T20:58:33+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-07-26T20:58:33+08:00",
+			"id":"openEuler-SA-2024-1889",
+			"version":"1.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"openEuler-22.03-LTS-SP3",
+									"name":"openEuler-22.03-LTS-SP3"
+								},
+								"name":"openEuler-22.03-LTS-SP3",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"python-zipp-3.7.0-3.oe2203sp3.src.rpm",
+									"name":"python-zipp-3.7.0-3.oe2203sp3.src.rpm"
+								},
+								"name":"python-zipp-3.7.0-3.oe2203sp3.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"noarch",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"python-zipp-help-3.7.0-3.oe2203sp3.noarch.rpm",
+									"name":"python-zipp-help-3.7.0-3.oe2203sp3.noarch.rpm"
+								},
+								"name":"python-zipp-help-3.7.0-3.oe2203sp3.noarch.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"python3-zipp-3.7.0-3.oe2203sp3.noarch.rpm",
+									"name":"python3-zipp-3.7.0-3.oe2203sp3.noarch.rpm"
+								},
+								"name":"python3-zipp-3.7.0-3.oe2203sp3.noarch.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"python-zipp-3.7.0-3.oe2203sp3.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:python-zipp-3.7.0-3.oe2203sp3.src",
+					"name":"python-zipp-3.7.0-3.oe2203sp3.src as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"python-zipp-help-3.7.0-3.oe2203sp3.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:python-zipp-help-3.7.0-3.oe2203sp3.noarch",
+					"name":"python-zipp-help-3.7.0-3.oe2203sp3.noarch as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"python3-zipp-3.7.0-3.oe2203sp3.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:python3-zipp-3.7.0-3.oe2203sp3.noarch",
+					"name":"python3-zipp-3.7.0-3.oe2203sp3.noarch as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2024-5569",
+			"notes":[
+				{
+					"text":"A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects. The infinite loop can be initiated through the use of functions affecting the `Path` module in both zipp and zipfile, such as `joinpath`, the overloaded division operator, and `iterdir`. Although the infinite loop is not resource exhaustive, it prevents the application from responding. The vulnerability was addressed in version 3.19.1 of jaraco/zipp.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP3:python-zipp-3.7.0-3.oe2203sp3.src",
+					"openEuler-22.03-LTS-SP3:python-zipp-help-3.7.0-3.oe2203sp3.noarch",
+					"openEuler-22.03-LTS-SP3:python3-zipp-3.7.0-3.oe2203sp3.noarch"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP3:python-zipp-3.7.0-3.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:python-zipp-help-3.7.0-3.oe2203sp3.noarch",
+						"openEuler-22.03-LTS-SP3:python3-zipp-3.7.0-3.oe2203sp3.noarch"
+					],
+					"details":"python-zipp security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1889"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":6.2,
+						"vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP3:python-zipp-3.7.0-3.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:python-zipp-help-3.7.0-3.oe2203sp3.noarch",
+						"openEuler-22.03-LTS-SP3:python3-zipp-3.7.0-3.oe2203sp3.noarch"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-5569"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1890.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1890.json
@ -0,0 +1,253 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"Medium"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"python-zipp security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for python-zipp is now available for openEuler-22.03-LTS-SP1",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"A pathlib-compatible Zipfile object wrapper. A backport of the Path object.\n\nSecurity Fix(es):\n\nA Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects. The infinite loop can be initiated through the use of functions affecting the `Path` module in both zipp and zipfile, such as `joinpath`, the overloaded division operator, and `iterdir`. Although the infinite loop is not resource exhaustive, it prevents the application from responding. The vulnerability was addressed in version 3.19.1 of jaraco/zipp.(CVE-2024-5569)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for python-zipp is now available for openEuler-22.03-LTS-SP1.\n\nopenEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"Medium",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"python-zipp",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1890",
+				"category":"self",
+				"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1890"
+			},
+			{
+				"summary":"CVE-2024-5569",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-5569&packageName=python-zipp"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-5569"
+			},
+			{
+				"summary":"openEuler-SA-2024-1890 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1890.json"
+			}
+		],
+		"title":"An update for python-zipp is now available for openEuler-22.03-LTS-SP1",
+		"tracking":{
+			"initial_release_date":"2024-07-26T20:58:34+08:00",
+			"revision_history":[
+				{
+					"date":"2024-07-26T20:58:34+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-07-26T20:58:34+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-07-26T20:58:34+08:00",
+			"id":"openEuler-SA-2024-1890",
+			"version":"1.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"openEuler-22.03-LTS-SP1",
+									"name":"openEuler-22.03-LTS-SP1"
+								},
+								"name":"openEuler-22.03-LTS-SP1",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"python-zipp-3.7.0-3.oe2203sp1.src.rpm",
+									"name":"python-zipp-3.7.0-3.oe2203sp1.src.rpm"
+								},
+								"name":"python-zipp-3.7.0-3.oe2203sp1.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"noarch",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"python-zipp-help-3.7.0-3.oe2203sp1.noarch.rpm",
+									"name":"python-zipp-help-3.7.0-3.oe2203sp1.noarch.rpm"
+								},
+								"name":"python-zipp-help-3.7.0-3.oe2203sp1.noarch.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"python3-zipp-3.7.0-3.oe2203sp1.noarch.rpm",
+									"name":"python3-zipp-3.7.0-3.oe2203sp1.noarch.rpm"
+								},
+								"name":"python3-zipp-3.7.0-3.oe2203sp1.noarch.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"python-zipp-3.7.0-3.oe2203sp1.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:python-zipp-3.7.0-3.oe2203sp1.src",
+					"name":"python-zipp-3.7.0-3.oe2203sp1.src as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"python-zipp-help-3.7.0-3.oe2203sp1.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:python-zipp-help-3.7.0-3.oe2203sp1.noarch",
+					"name":"python-zipp-help-3.7.0-3.oe2203sp1.noarch as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"python3-zipp-3.7.0-3.oe2203sp1.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:python3-zipp-3.7.0-3.oe2203sp1.noarch",
+					"name":"python3-zipp-3.7.0-3.oe2203sp1.noarch as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2024-5569",
+			"notes":[
+				{
+					"text":"A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects. The infinite loop can be initiated through the use of functions affecting the `Path` module in both zipp and zipfile, such as `joinpath`, the overloaded division operator, and `iterdir`. Although the infinite loop is not resource exhaustive, it prevents the application from responding. The vulnerability was addressed in version 3.19.1 of jaraco/zipp.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP1:python-zipp-3.7.0-3.oe2203sp1.src",
+					"openEuler-22.03-LTS-SP1:python-zipp-help-3.7.0-3.oe2203sp1.noarch",
+					"openEuler-22.03-LTS-SP1:python3-zipp-3.7.0-3.oe2203sp1.noarch"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP1:python-zipp-3.7.0-3.oe2203sp1.src",
+						"openEuler-22.03-LTS-SP1:python-zipp-help-3.7.0-3.oe2203sp1.noarch",
+						"openEuler-22.03-LTS-SP1:python3-zipp-3.7.0-3.oe2203sp1.noarch"
+					],
+					"details":"python-zipp security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1890"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":6.2,
+						"vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP1:python-zipp-3.7.0-3.oe2203sp1.src",
+						"openEuler-22.03-LTS-SP1:python-zipp-help-3.7.0-3.oe2203sp1.noarch",
+						"openEuler-22.03-LTS-SP1:python3-zipp-3.7.0-3.oe2203sp1.noarch"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-5569"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1891.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1891.json
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1892.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1892.json
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1893.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1893.json
@ -0,0 +1,450 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"High"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"firefox security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for firefox is now available for openEuler-20.03-LTS-SP4",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability.\n\nSecurity Fix(es):\n\nInstruction reordering resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection. This led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.(CVE-2021-29984)\n\nFirefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.(CVE-2021-29988)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for firefox is now available for openEuler-20.03-LTS-SP4.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"High",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"firefox",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1893",
+				"category":"self",
+				"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1893"
+			},
+			{
+				"summary":"CVE-2021-29984",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2021-29984&packageName=firefox"
+			},
+			{
+				"summary":"CVE-2021-29988",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2021-29988&packageName=firefox"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-29984"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-29988"
+			},
+			{
+				"summary":"openEuler-SA-2024-1893 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1893.json"
+			}
+		],
+		"title":"An update for firefox is now available for openEuler-20.03-LTS-SP4",
+		"tracking":{
+			"initial_release_date":"2024-07-26T20:58:38+08:00",
+			"revision_history":[
+				{
+					"date":"2024-07-26T20:58:38+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-07-26T20:58:38+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-07-26T20:58:38+08:00",
+			"id":"openEuler-SA-2024-1893",
+			"version":"1.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"openEuler-20.03-LTS-SP4",
+									"name":"openEuler-20.03-LTS-SP4"
+								},
+								"name":"openEuler-20.03-LTS-SP4",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"firefox-79.0-28.oe2003sp4.aarch64.rpm",
+									"name":"firefox-79.0-28.oe2003sp4.aarch64.rpm"
+								},
+								"name":"firefox-79.0-28.oe2003sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"firefox-debuginfo-79.0-28.oe2003sp4.aarch64.rpm",
+									"name":"firefox-debuginfo-79.0-28.oe2003sp4.aarch64.rpm"
+								},
+								"name":"firefox-debuginfo-79.0-28.oe2003sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"firefox-debugsource-79.0-28.oe2003sp4.aarch64.rpm",
+									"name":"firefox-debugsource-79.0-28.oe2003sp4.aarch64.rpm"
+								},
+								"name":"firefox-debugsource-79.0-28.oe2003sp4.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"firefox-79.0-28.oe2003sp4.src.rpm",
+									"name":"firefox-79.0-28.oe2003sp4.src.rpm"
+								},
+								"name":"firefox-79.0-28.oe2003sp4.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"firefox-79.0-28.oe2003sp4.x86_64.rpm",
+									"name":"firefox-79.0-28.oe2003sp4.x86_64.rpm"
+								},
+								"name":"firefox-79.0-28.oe2003sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"firefox-debuginfo-79.0-28.oe2003sp4.x86_64.rpm",
+									"name":"firefox-debuginfo-79.0-28.oe2003sp4.x86_64.rpm"
+								},
+								"name":"firefox-debuginfo-79.0-28.oe2003sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"firefox-debugsource-79.0-28.oe2003sp4.x86_64.rpm",
+									"name":"firefox-debugsource-79.0-28.oe2003sp4.x86_64.rpm"
+								},
+								"name":"firefox-debugsource-79.0-28.oe2003sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"mozilla-crashreporter-firefox-debuginfo-79.0-28.oe2003sp4.x86_64.rpm",
+									"name":"mozilla-crashreporter-firefox-debuginfo-79.0-28.oe2003sp4.x86_64.rpm"
+								},
+								"name":"mozilla-crashreporter-firefox-debuginfo-79.0-28.oe2003sp4.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"firefox-79.0-28.oe2003sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:firefox-79.0-28.oe2003sp4.aarch64",
+					"name":"firefox-79.0-28.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"firefox-debuginfo-79.0-28.oe2003sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:firefox-debuginfo-79.0-28.oe2003sp4.aarch64",
+					"name":"firefox-debuginfo-79.0-28.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"firefox-debugsource-79.0-28.oe2003sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:firefox-debugsource-79.0-28.oe2003sp4.aarch64",
+					"name":"firefox-debugsource-79.0-28.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"firefox-79.0-28.oe2003sp4.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:firefox-79.0-28.oe2003sp4.src",
+					"name":"firefox-79.0-28.oe2003sp4.src as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"firefox-79.0-28.oe2003sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:firefox-79.0-28.oe2003sp4.x86_64",
+					"name":"firefox-79.0-28.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"firefox-debuginfo-79.0-28.oe2003sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:firefox-debuginfo-79.0-28.oe2003sp4.x86_64",
+					"name":"firefox-debuginfo-79.0-28.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"firefox-debugsource-79.0-28.oe2003sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:firefox-debugsource-79.0-28.oe2003sp4.x86_64",
+					"name":"firefox-debugsource-79.0-28.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"mozilla-crashreporter-firefox-debuginfo-79.0-28.oe2003sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:mozilla-crashreporter-firefox-debuginfo-79.0-28.oe2003sp4.x86_64",
+					"name":"mozilla-crashreporter-firefox-debuginfo-79.0-28.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2021-29984",
+			"notes":[
+				{
+					"text":"Instruction reordering resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection. This led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-20.03-LTS-SP4:firefox-79.0-28.oe2003sp4.aarch64",
+					"openEuler-20.03-LTS-SP4:firefox-debuginfo-79.0-28.oe2003sp4.aarch64",
+					"openEuler-20.03-LTS-SP4:firefox-debugsource-79.0-28.oe2003sp4.aarch64",
+					"openEuler-20.03-LTS-SP4:firefox-79.0-28.oe2003sp4.src",
+					"openEuler-20.03-LTS-SP4:firefox-79.0-28.oe2003sp4.x86_64",
+					"openEuler-20.03-LTS-SP4:firefox-debuginfo-79.0-28.oe2003sp4.x86_64",
+					"openEuler-20.03-LTS-SP4:firefox-debugsource-79.0-28.oe2003sp4.x86_64",
+					"openEuler-20.03-LTS-SP4:mozilla-crashreporter-firefox-debuginfo-79.0-28.oe2003sp4.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-20.03-LTS-SP4:firefox-79.0-28.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:firefox-debuginfo-79.0-28.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:firefox-debugsource-79.0-28.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:firefox-79.0-28.oe2003sp4.src",
+						"openEuler-20.03-LTS-SP4:firefox-79.0-28.oe2003sp4.x86_64",
+						"openEuler-20.03-LTS-SP4:firefox-debuginfo-79.0-28.oe2003sp4.x86_64",
+						"openEuler-20.03-LTS-SP4:firefox-debugsource-79.0-28.oe2003sp4.x86_64",
+						"openEuler-20.03-LTS-SP4:mozilla-crashreporter-firefox-debuginfo-79.0-28.oe2003sp4.x86_64"
+					],
+					"details":"firefox security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1893"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"HIGH",
+						"baseScore":8.8,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-20.03-LTS-SP4:firefox-79.0-28.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:firefox-debuginfo-79.0-28.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:firefox-debugsource-79.0-28.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:firefox-79.0-28.oe2003sp4.src",
+						"openEuler-20.03-LTS-SP4:firefox-79.0-28.oe2003sp4.x86_64",
+						"openEuler-20.03-LTS-SP4:firefox-debuginfo-79.0-28.oe2003sp4.x86_64",
+						"openEuler-20.03-LTS-SP4:firefox-debugsource-79.0-28.oe2003sp4.x86_64",
+						"openEuler-20.03-LTS-SP4:mozilla-crashreporter-firefox-debuginfo-79.0-28.oe2003sp4.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"High",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2021-29984"
+		},
+		{
+			"cve":"CVE-2021-29988",
+			"notes":[
+				{
+					"text":"Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-20.03-LTS-SP4:firefox-79.0-28.oe2003sp4.aarch64",
+					"openEuler-20.03-LTS-SP4:firefox-debuginfo-79.0-28.oe2003sp4.aarch64",
+					"openEuler-20.03-LTS-SP4:firefox-debugsource-79.0-28.oe2003sp4.aarch64",
+					"openEuler-20.03-LTS-SP4:firefox-79.0-28.oe2003sp4.src",
+					"openEuler-20.03-LTS-SP4:firefox-79.0-28.oe2003sp4.x86_64",
+					"openEuler-20.03-LTS-SP4:firefox-debuginfo-79.0-28.oe2003sp4.x86_64",
+					"openEuler-20.03-LTS-SP4:firefox-debugsource-79.0-28.oe2003sp4.x86_64",
+					"openEuler-20.03-LTS-SP4:mozilla-crashreporter-firefox-debuginfo-79.0-28.oe2003sp4.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-20.03-LTS-SP4:firefox-79.0-28.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:firefox-debuginfo-79.0-28.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:firefox-debugsource-79.0-28.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:firefox-79.0-28.oe2003sp4.src",
+						"openEuler-20.03-LTS-SP4:firefox-79.0-28.oe2003sp4.x86_64",
+						"openEuler-20.03-LTS-SP4:firefox-debuginfo-79.0-28.oe2003sp4.x86_64",
+						"openEuler-20.03-LTS-SP4:firefox-debugsource-79.0-28.oe2003sp4.x86_64",
+						"openEuler-20.03-LTS-SP4:mozilla-crashreporter-firefox-debuginfo-79.0-28.oe2003sp4.x86_64"
+					],
+					"details":"firefox security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1893"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"HIGH",
+						"baseScore":8.8,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-20.03-LTS-SP4:firefox-79.0-28.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:firefox-debuginfo-79.0-28.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:firefox-debugsource-79.0-28.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:firefox-79.0-28.oe2003sp4.src",
+						"openEuler-20.03-LTS-SP4:firefox-79.0-28.oe2003sp4.x86_64",
+						"openEuler-20.03-LTS-SP4:firefox-debuginfo-79.0-28.oe2003sp4.x86_64",
+						"openEuler-20.03-LTS-SP4:firefox-debugsource-79.0-28.oe2003sp4.x86_64",
+						"openEuler-20.03-LTS-SP4:mozilla-crashreporter-firefox-debuginfo-79.0-28.oe2003sp4.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"High",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2021-29988"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1894.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1894.json
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1895.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1895.json
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1896.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1896.json
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1897.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1897.json
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1898.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1898.json
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1899.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1899.json
@ -0,0 +1,253 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"High"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"dnsjava security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for dnsjava is now available for openEuler-24.03-LTS",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"dnsjava is an implementation of DNS in Java. It supports all of the common record types and the DNSSEC types. It can be used for queries, zone transfers, and dynamic updates. It includes a cache which can be used by clients, and a minimal implementation of a server. It supports TSIG authenticated messages, partial DNSSEC verification, and EDNS0. dnsjava provides functionality above and beyond that of the InetAddress class. Since it is written in pure Java, dnsjava is fully threadable, and in many cases is faster than using InetAddress. dnsjava provides both high and low level access to DNS. The high level functions perform queries for records of a given name, type, and class, and return an array of records. There is also a clone of InetAddress, which is even simpler. A cache is used to reduce the number of DNS queries sent. The low level functions allow direct manipulation of dns messages and records, as well as allowing additional resolver properties to be set. A 'dig' clone and a dynamic update program are included, as well as a primary-only server.\n\nSecurity Fix(es):\n\ndnsjava is an implementation of DNS in Java. Records in DNS replies are not checked for their relevance to the query, allowing an attacker to respond with RRs from different zones. This vulnerability is fixed in 3.6.0.(CVE-2024-25638)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for dnsjava is now available for openEuler-24.03-LTS.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"High",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"dnsjava",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1899",
+				"category":"self",
+				"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1899"
+			},
+			{
+				"summary":"CVE-2024-25638",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-25638&packageName=dnsjava"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-25638"
+			},
+			{
+				"summary":"openEuler-SA-2024-1899 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1899.json"
+			}
+		],
+		"title":"An update for dnsjava is now available for openEuler-24.03-LTS",
+		"tracking":{
+			"initial_release_date":"2024-07-26T20:58:50+08:00",
+			"revision_history":[
+				{
+					"date":"2024-07-26T20:58:50+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-07-26T20:58:50+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-07-26T20:58:50+08:00",
+			"id":"openEuler-SA-2024-1899",
+			"version":"1.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"openEuler-24.03-LTS",
+									"name":"openEuler-24.03-LTS"
+								},
+								"name":"openEuler-24.03-LTS",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"noarch",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"dnsjava-3.5.3-2.oe2403.noarch.rpm",
+									"name":"dnsjava-3.5.3-2.oe2403.noarch.rpm"
+								},
+								"name":"dnsjava-3.5.3-2.oe2403.noarch.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"dnsjava-javadoc-3.5.3-2.oe2403.noarch.rpm",
+									"name":"dnsjava-javadoc-3.5.3-2.oe2403.noarch.rpm"
+								},
+								"name":"dnsjava-javadoc-3.5.3-2.oe2403.noarch.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"dnsjava-3.5.3-2.oe2403.src.rpm",
+									"name":"dnsjava-3.5.3-2.oe2403.src.rpm"
+								},
+								"name":"dnsjava-3.5.3-2.oe2403.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"dnsjava-3.5.3-2.oe2403.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:dnsjava-3.5.3-2.oe2403.noarch",
+					"name":"dnsjava-3.5.3-2.oe2403.noarch as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"dnsjava-javadoc-3.5.3-2.oe2403.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:dnsjava-javadoc-3.5.3-2.oe2403.noarch",
+					"name":"dnsjava-javadoc-3.5.3-2.oe2403.noarch as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"dnsjava-3.5.3-2.oe2403.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:dnsjava-3.5.3-2.oe2403.src",
+					"name":"dnsjava-3.5.3-2.oe2403.src as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2024-25638",
+			"notes":[
+				{
+					"text":"dnsjava is an implementation of DNS in Java. Records in DNS replies are not checked for their relevance to the query, allowing an attacker to respond with RRs from different zones. This vulnerability is fixed in 3.6.0.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-24.03-LTS:dnsjava-3.5.3-2.oe2403.noarch",
+					"openEuler-24.03-LTS:dnsjava-javadoc-3.5.3-2.oe2403.noarch",
+					"openEuler-24.03-LTS:dnsjava-3.5.3-2.oe2403.src"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-24.03-LTS:dnsjava-3.5.3-2.oe2403.noarch",
+						"openEuler-24.03-LTS:dnsjava-javadoc-3.5.3-2.oe2403.noarch",
+						"openEuler-24.03-LTS:dnsjava-3.5.3-2.oe2403.src"
+					],
+					"details":"dnsjava security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1899"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"HIGH",
+						"baseScore":8.9,
+						"vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-24.03-LTS:dnsjava-3.5.3-2.oe2403.noarch",
+						"openEuler-24.03-LTS:dnsjava-javadoc-3.5.3-2.oe2403.noarch",
+						"openEuler-24.03-LTS:dnsjava-3.5.3-2.oe2403.src"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"High",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-25638"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1900.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1900.json
@ -0,0 +1,443 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"Medium"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"busybox security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for busybox is now available for openEuler-22.03-LTS-SP3",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"BusyBox combines tiny versions of many common UNIX utilities into a single small executable. It provides replacements for most of the utilities you usually find in GNU fileutils, shellutils, etc. It provides a fairly complete environment for any small or embedded system.\n\nSecurity Fix(es):\n\nA use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1.(CVE-2023-42363)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for busybox is now available for openEuler-22.03-LTS-SP3.\n\nopenEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"Medium",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"busybox",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1900",
+				"category":"self",
+				"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1900"
+			},
+			{
+				"summary":"CVE-2023-42363",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-42363&packageName=busybox"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-42363"
+			},
+			{
+				"summary":"openEuler-SA-2024-1900 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1900.json"
+			}
+		],
+		"title":"An update for busybox is now available for openEuler-22.03-LTS-SP3",
+		"tracking":{
+			"initial_release_date":"2024-07-26T20:58:51+08:00",
+			"revision_history":[
+				{
+					"date":"2024-07-26T20:58:51+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-07-26T20:58:51+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-07-26T20:58:51+08:00",
+			"id":"openEuler-SA-2024-1900",
+			"version":"1.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"openEuler-22.03-LTS-SP3",
+									"name":"openEuler-22.03-LTS-SP3"
+								},
+								"name":"openEuler-22.03-LTS-SP3",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"busybox-1.34.1-21.oe2203sp3.aarch64.rpm",
+									"name":"busybox-1.34.1-21.oe2203sp3.aarch64.rpm"
+								},
+								"name":"busybox-1.34.1-21.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"busybox-debuginfo-1.34.1-21.oe2203sp3.aarch64.rpm",
+									"name":"busybox-debuginfo-1.34.1-21.oe2203sp3.aarch64.rpm"
+								},
+								"name":"busybox-debuginfo-1.34.1-21.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"busybox-debugsource-1.34.1-21.oe2203sp3.aarch64.rpm",
+									"name":"busybox-debugsource-1.34.1-21.oe2203sp3.aarch64.rpm"
+								},
+								"name":"busybox-debugsource-1.34.1-21.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"busybox-help-1.34.1-21.oe2203sp3.aarch64.rpm",
+									"name":"busybox-help-1.34.1-21.oe2203sp3.aarch64.rpm"
+								},
+								"name":"busybox-help-1.34.1-21.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"busybox-petitboot-1.34.1-21.oe2203sp3.aarch64.rpm",
+									"name":"busybox-petitboot-1.34.1-21.oe2203sp3.aarch64.rpm"
+								},
+								"name":"busybox-petitboot-1.34.1-21.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"busybox-1.34.1-21.oe2203sp3.src.rpm",
+									"name":"busybox-1.34.1-21.oe2203sp3.src.rpm"
+								},
+								"name":"busybox-1.34.1-21.oe2203sp3.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"busybox-1.34.1-21.oe2203sp3.x86_64.rpm",
+									"name":"busybox-1.34.1-21.oe2203sp3.x86_64.rpm"
+								},
+								"name":"busybox-1.34.1-21.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"busybox-debuginfo-1.34.1-21.oe2203sp3.x86_64.rpm",
+									"name":"busybox-debuginfo-1.34.1-21.oe2203sp3.x86_64.rpm"
+								},
+								"name":"busybox-debuginfo-1.34.1-21.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"busybox-debugsource-1.34.1-21.oe2203sp3.x86_64.rpm",
+									"name":"busybox-debugsource-1.34.1-21.oe2203sp3.x86_64.rpm"
+								},
+								"name":"busybox-debugsource-1.34.1-21.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"busybox-help-1.34.1-21.oe2203sp3.x86_64.rpm",
+									"name":"busybox-help-1.34.1-21.oe2203sp3.x86_64.rpm"
+								},
+								"name":"busybox-help-1.34.1-21.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"busybox-petitboot-1.34.1-21.oe2203sp3.x86_64.rpm",
+									"name":"busybox-petitboot-1.34.1-21.oe2203sp3.x86_64.rpm"
+								},
+								"name":"busybox-petitboot-1.34.1-21.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"busybox-1.34.1-21.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:busybox-1.34.1-21.oe2203sp3.aarch64",
+					"name":"busybox-1.34.1-21.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"busybox-debuginfo-1.34.1-21.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:busybox-debuginfo-1.34.1-21.oe2203sp3.aarch64",
+					"name":"busybox-debuginfo-1.34.1-21.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"busybox-debugsource-1.34.1-21.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:busybox-debugsource-1.34.1-21.oe2203sp3.aarch64",
+					"name":"busybox-debugsource-1.34.1-21.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"busybox-help-1.34.1-21.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:busybox-help-1.34.1-21.oe2203sp3.aarch64",
+					"name":"busybox-help-1.34.1-21.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"busybox-petitboot-1.34.1-21.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:busybox-petitboot-1.34.1-21.oe2203sp3.aarch64",
+					"name":"busybox-petitboot-1.34.1-21.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"busybox-1.34.1-21.oe2203sp3.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:busybox-1.34.1-21.oe2203sp3.src",
+					"name":"busybox-1.34.1-21.oe2203sp3.src as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"busybox-1.34.1-21.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:busybox-1.34.1-21.oe2203sp3.x86_64",
+					"name":"busybox-1.34.1-21.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"busybox-debuginfo-1.34.1-21.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:busybox-debuginfo-1.34.1-21.oe2203sp3.x86_64",
+					"name":"busybox-debuginfo-1.34.1-21.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"busybox-debugsource-1.34.1-21.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:busybox-debugsource-1.34.1-21.oe2203sp3.x86_64",
+					"name":"busybox-debugsource-1.34.1-21.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"busybox-help-1.34.1-21.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:busybox-help-1.34.1-21.oe2203sp3.x86_64",
+					"name":"busybox-help-1.34.1-21.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"busybox-petitboot-1.34.1-21.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:busybox-petitboot-1.34.1-21.oe2203sp3.x86_64",
+					"name":"busybox-petitboot-1.34.1-21.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2023-42363",
+			"notes":[
+				{
+					"text":"A use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP3:busybox-1.34.1-21.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:busybox-debuginfo-1.34.1-21.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:busybox-debugsource-1.34.1-21.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:busybox-help-1.34.1-21.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:busybox-petitboot-1.34.1-21.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:busybox-1.34.1-21.oe2203sp3.src",
+					"openEuler-22.03-LTS-SP3:busybox-1.34.1-21.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:busybox-debuginfo-1.34.1-21.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:busybox-debugsource-1.34.1-21.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:busybox-help-1.34.1-21.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:busybox-petitboot-1.34.1-21.oe2203sp3.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP3:busybox-1.34.1-21.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:busybox-debuginfo-1.34.1-21.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:busybox-debugsource-1.34.1-21.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:busybox-help-1.34.1-21.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:busybox-petitboot-1.34.1-21.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:busybox-1.34.1-21.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:busybox-1.34.1-21.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:busybox-debuginfo-1.34.1-21.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:busybox-debugsource-1.34.1-21.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:busybox-help-1.34.1-21.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:busybox-petitboot-1.34.1-21.oe2203sp3.x86_64"
+					],
+					"details":"busybox security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1900"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":5.5,
+						"vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP3:busybox-1.34.1-21.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:busybox-debuginfo-1.34.1-21.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:busybox-debugsource-1.34.1-21.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:busybox-help-1.34.1-21.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:busybox-petitboot-1.34.1-21.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:busybox-1.34.1-21.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:busybox-1.34.1-21.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:busybox-debuginfo-1.34.1-21.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:busybox-debugsource-1.34.1-21.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:busybox-help-1.34.1-21.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:busybox-petitboot-1.34.1-21.oe2203sp3.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2023-42363"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1901.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1901.json
@ -0,0 +1,443 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"Medium"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"busybox security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for busybox is now available for openEuler-20.03-LTS-SP4",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"BusyBox combines tiny versions of many common UNIX utilities into a single small executable. It provides replacements for most of the utilities you usually find in GNU fileutils, shellutils, etc. It provides a fairly complete environment for any small or embedded system.\n\nSecurity Fix(es):\n\nA use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1.(CVE-2023-42363)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for busybox is now available for openEuler-20.03-LTS-SP4.\n\nopenEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"Medium",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"busybox",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1901",
+				"category":"self",
+				"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1901"
+			},
+			{
+				"summary":"CVE-2023-42363",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-42363&packageName=busybox"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-42363"
+			},
+			{
+				"summary":"openEuler-SA-2024-1901 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1901.json"
+			}
+		],
+		"title":"An update for busybox is now available for openEuler-20.03-LTS-SP4",
+		"tracking":{
+			"initial_release_date":"2024-07-26T20:58:52+08:00",
+			"revision_history":[
+				{
+					"date":"2024-07-26T20:58:52+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-07-26T20:58:52+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-07-26T20:58:52+08:00",
+			"id":"openEuler-SA-2024-1901",
+			"version":"1.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"openEuler-20.03-LTS-SP4",
+									"name":"openEuler-20.03-LTS-SP4"
+								},
+								"name":"openEuler-20.03-LTS-SP4",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"busybox-1.31.1-22.oe2003sp4.aarch64.rpm",
+									"name":"busybox-1.31.1-22.oe2003sp4.aarch64.rpm"
+								},
+								"name":"busybox-1.31.1-22.oe2003sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"busybox-debuginfo-1.31.1-22.oe2003sp4.aarch64.rpm",
+									"name":"busybox-debuginfo-1.31.1-22.oe2003sp4.aarch64.rpm"
+								},
+								"name":"busybox-debuginfo-1.31.1-22.oe2003sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"busybox-debugsource-1.31.1-22.oe2003sp4.aarch64.rpm",
+									"name":"busybox-debugsource-1.31.1-22.oe2003sp4.aarch64.rpm"
+								},
+								"name":"busybox-debugsource-1.31.1-22.oe2003sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"busybox-help-1.31.1-22.oe2003sp4.aarch64.rpm",
+									"name":"busybox-help-1.31.1-22.oe2003sp4.aarch64.rpm"
+								},
+								"name":"busybox-help-1.31.1-22.oe2003sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"busybox-petitboot-1.31.1-22.oe2003sp4.aarch64.rpm",
+									"name":"busybox-petitboot-1.31.1-22.oe2003sp4.aarch64.rpm"
+								},
+								"name":"busybox-petitboot-1.31.1-22.oe2003sp4.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"busybox-1.31.1-22.oe2003sp4.src.rpm",
+									"name":"busybox-1.31.1-22.oe2003sp4.src.rpm"
+								},
+								"name":"busybox-1.31.1-22.oe2003sp4.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"busybox-1.31.1-22.oe2003sp4.x86_64.rpm",
+									"name":"busybox-1.31.1-22.oe2003sp4.x86_64.rpm"
+								},
+								"name":"busybox-1.31.1-22.oe2003sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"busybox-debuginfo-1.31.1-22.oe2003sp4.x86_64.rpm",
+									"name":"busybox-debuginfo-1.31.1-22.oe2003sp4.x86_64.rpm"
+								},
+								"name":"busybox-debuginfo-1.31.1-22.oe2003sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"busybox-debugsource-1.31.1-22.oe2003sp4.x86_64.rpm",
+									"name":"busybox-debugsource-1.31.1-22.oe2003sp4.x86_64.rpm"
+								},
+								"name":"busybox-debugsource-1.31.1-22.oe2003sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"busybox-help-1.31.1-22.oe2003sp4.x86_64.rpm",
+									"name":"busybox-help-1.31.1-22.oe2003sp4.x86_64.rpm"
+								},
+								"name":"busybox-help-1.31.1-22.oe2003sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"busybox-petitboot-1.31.1-22.oe2003sp4.x86_64.rpm",
+									"name":"busybox-petitboot-1.31.1-22.oe2003sp4.x86_64.rpm"
+								},
+								"name":"busybox-petitboot-1.31.1-22.oe2003sp4.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"busybox-1.31.1-22.oe2003sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:busybox-1.31.1-22.oe2003sp4.aarch64",
+					"name":"busybox-1.31.1-22.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"busybox-debuginfo-1.31.1-22.oe2003sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:busybox-debuginfo-1.31.1-22.oe2003sp4.aarch64",
+					"name":"busybox-debuginfo-1.31.1-22.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"busybox-debugsource-1.31.1-22.oe2003sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:busybox-debugsource-1.31.1-22.oe2003sp4.aarch64",
+					"name":"busybox-debugsource-1.31.1-22.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"busybox-help-1.31.1-22.oe2003sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:busybox-help-1.31.1-22.oe2003sp4.aarch64",
+					"name":"busybox-help-1.31.1-22.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"busybox-petitboot-1.31.1-22.oe2003sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:busybox-petitboot-1.31.1-22.oe2003sp4.aarch64",
+					"name":"busybox-petitboot-1.31.1-22.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"busybox-1.31.1-22.oe2003sp4.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:busybox-1.31.1-22.oe2003sp4.src",
+					"name":"busybox-1.31.1-22.oe2003sp4.src as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"busybox-1.31.1-22.oe2003sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:busybox-1.31.1-22.oe2003sp4.x86_64",
+					"name":"busybox-1.31.1-22.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"busybox-debuginfo-1.31.1-22.oe2003sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:busybox-debuginfo-1.31.1-22.oe2003sp4.x86_64",
+					"name":"busybox-debuginfo-1.31.1-22.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"busybox-debugsource-1.31.1-22.oe2003sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:busybox-debugsource-1.31.1-22.oe2003sp4.x86_64",
+					"name":"busybox-debugsource-1.31.1-22.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"busybox-help-1.31.1-22.oe2003sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:busybox-help-1.31.1-22.oe2003sp4.x86_64",
+					"name":"busybox-help-1.31.1-22.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"busybox-petitboot-1.31.1-22.oe2003sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:busybox-petitboot-1.31.1-22.oe2003sp4.x86_64",
+					"name":"busybox-petitboot-1.31.1-22.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2023-42363",
+			"notes":[
+				{
+					"text":"A use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-20.03-LTS-SP4:busybox-1.31.1-22.oe2003sp4.aarch64",
+					"openEuler-20.03-LTS-SP4:busybox-debuginfo-1.31.1-22.oe2003sp4.aarch64",
+					"openEuler-20.03-LTS-SP4:busybox-debugsource-1.31.1-22.oe2003sp4.aarch64",
+					"openEuler-20.03-LTS-SP4:busybox-help-1.31.1-22.oe2003sp4.aarch64",
+					"openEuler-20.03-LTS-SP4:busybox-petitboot-1.31.1-22.oe2003sp4.aarch64",
+					"openEuler-20.03-LTS-SP4:busybox-1.31.1-22.oe2003sp4.src",
+					"openEuler-20.03-LTS-SP4:busybox-1.31.1-22.oe2003sp4.x86_64",
+					"openEuler-20.03-LTS-SP4:busybox-debuginfo-1.31.1-22.oe2003sp4.x86_64",
+					"openEuler-20.03-LTS-SP4:busybox-debugsource-1.31.1-22.oe2003sp4.x86_64",
+					"openEuler-20.03-LTS-SP4:busybox-help-1.31.1-22.oe2003sp4.x86_64",
+					"openEuler-20.03-LTS-SP4:busybox-petitboot-1.31.1-22.oe2003sp4.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-20.03-LTS-SP4:busybox-1.31.1-22.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:busybox-debuginfo-1.31.1-22.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:busybox-debugsource-1.31.1-22.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:busybox-help-1.31.1-22.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:busybox-petitboot-1.31.1-22.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:busybox-1.31.1-22.oe2003sp4.src",
+						"openEuler-20.03-LTS-SP4:busybox-1.31.1-22.oe2003sp4.x86_64",
+						"openEuler-20.03-LTS-SP4:busybox-debuginfo-1.31.1-22.oe2003sp4.x86_64",
+						"openEuler-20.03-LTS-SP4:busybox-debugsource-1.31.1-22.oe2003sp4.x86_64",
+						"openEuler-20.03-LTS-SP4:busybox-help-1.31.1-22.oe2003sp4.x86_64",
+						"openEuler-20.03-LTS-SP4:busybox-petitboot-1.31.1-22.oe2003sp4.x86_64"
+					],
+					"details":"busybox security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1901"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":5.5,
+						"vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-20.03-LTS-SP4:busybox-1.31.1-22.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:busybox-debuginfo-1.31.1-22.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:busybox-debugsource-1.31.1-22.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:busybox-help-1.31.1-22.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:busybox-petitboot-1.31.1-22.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:busybox-1.31.1-22.oe2003sp4.src",
+						"openEuler-20.03-LTS-SP4:busybox-1.31.1-22.oe2003sp4.x86_64",
+						"openEuler-20.03-LTS-SP4:busybox-debuginfo-1.31.1-22.oe2003sp4.x86_64",
+						"openEuler-20.03-LTS-SP4:busybox-debugsource-1.31.1-22.oe2003sp4.x86_64",
+						"openEuler-20.03-LTS-SP4:busybox-help-1.31.1-22.oe2003sp4.x86_64",
+						"openEuler-20.03-LTS-SP4:busybox-petitboot-1.31.1-22.oe2003sp4.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2023-42363"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1902.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1902.json
@ -0,0 +1,443 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"Medium"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"busybox security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for busybox is now available for openEuler-24.03-LTS",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"BusyBox combines tiny versions of many common UNIX utilities into a single small executable. It provides replacements for most of the utilities you usually find in GNU fileutils, shellutils, etc. It provides a fairly complete environment for any small or embedded system.\n\nSecurity Fix(es):\n\nA use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1.(CVE-2023-42363)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for busybox is now available for openEuler-24.03-LTS.\n\nopenEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"Medium",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"busybox",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1902",
+				"category":"self",
+				"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1902"
+			},
+			{
+				"summary":"CVE-2023-42363",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-42363&packageName=busybox"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-42363"
+			},
+			{
+				"summary":"openEuler-SA-2024-1902 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1902.json"
+			}
+		],
+		"title":"An update for busybox is now available for openEuler-24.03-LTS",
+		"tracking":{
+			"initial_release_date":"2024-07-26T20:58:53+08:00",
+			"revision_history":[
+				{
+					"date":"2024-07-26T20:58:53+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-07-26T20:58:53+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-07-26T20:58:53+08:00",
+			"id":"openEuler-SA-2024-1902",
+			"version":"1.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"openEuler-24.03-LTS",
+									"name":"openEuler-24.03-LTS"
+								},
+								"name":"openEuler-24.03-LTS",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"busybox-1.36.1-6.oe2403.x86_64.rpm",
+									"name":"busybox-1.36.1-6.oe2403.x86_64.rpm"
+								},
+								"name":"busybox-1.36.1-6.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"busybox-debuginfo-1.36.1-6.oe2403.x86_64.rpm",
+									"name":"busybox-debuginfo-1.36.1-6.oe2403.x86_64.rpm"
+								},
+								"name":"busybox-debuginfo-1.36.1-6.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"busybox-debugsource-1.36.1-6.oe2403.x86_64.rpm",
+									"name":"busybox-debugsource-1.36.1-6.oe2403.x86_64.rpm"
+								},
+								"name":"busybox-debugsource-1.36.1-6.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"busybox-help-1.36.1-6.oe2403.x86_64.rpm",
+									"name":"busybox-help-1.36.1-6.oe2403.x86_64.rpm"
+								},
+								"name":"busybox-help-1.36.1-6.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"busybox-petitboot-1.36.1-6.oe2403.x86_64.rpm",
+									"name":"busybox-petitboot-1.36.1-6.oe2403.x86_64.rpm"
+								},
+								"name":"busybox-petitboot-1.36.1-6.oe2403.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"busybox-1.36.1-6.oe2403.aarch64.rpm",
+									"name":"busybox-1.36.1-6.oe2403.aarch64.rpm"
+								},
+								"name":"busybox-1.36.1-6.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"busybox-debuginfo-1.36.1-6.oe2403.aarch64.rpm",
+									"name":"busybox-debuginfo-1.36.1-6.oe2403.aarch64.rpm"
+								},
+								"name":"busybox-debuginfo-1.36.1-6.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"busybox-debugsource-1.36.1-6.oe2403.aarch64.rpm",
+									"name":"busybox-debugsource-1.36.1-6.oe2403.aarch64.rpm"
+								},
+								"name":"busybox-debugsource-1.36.1-6.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"busybox-help-1.36.1-6.oe2403.aarch64.rpm",
+									"name":"busybox-help-1.36.1-6.oe2403.aarch64.rpm"
+								},
+								"name":"busybox-help-1.36.1-6.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"busybox-petitboot-1.36.1-6.oe2403.aarch64.rpm",
+									"name":"busybox-petitboot-1.36.1-6.oe2403.aarch64.rpm"
+								},
+								"name":"busybox-petitboot-1.36.1-6.oe2403.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"busybox-1.36.1-6.oe2403.src.rpm",
+									"name":"busybox-1.36.1-6.oe2403.src.rpm"
+								},
+								"name":"busybox-1.36.1-6.oe2403.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"busybox-1.36.1-6.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:busybox-1.36.1-6.oe2403.x86_64",
+					"name":"busybox-1.36.1-6.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"busybox-debuginfo-1.36.1-6.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:busybox-debuginfo-1.36.1-6.oe2403.x86_64",
+					"name":"busybox-debuginfo-1.36.1-6.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"busybox-debugsource-1.36.1-6.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:busybox-debugsource-1.36.1-6.oe2403.x86_64",
+					"name":"busybox-debugsource-1.36.1-6.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"busybox-help-1.36.1-6.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:busybox-help-1.36.1-6.oe2403.x86_64",
+					"name":"busybox-help-1.36.1-6.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"busybox-petitboot-1.36.1-6.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:busybox-petitboot-1.36.1-6.oe2403.x86_64",
+					"name":"busybox-petitboot-1.36.1-6.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"busybox-1.36.1-6.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:busybox-1.36.1-6.oe2403.aarch64",
+					"name":"busybox-1.36.1-6.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"busybox-debuginfo-1.36.1-6.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:busybox-debuginfo-1.36.1-6.oe2403.aarch64",
+					"name":"busybox-debuginfo-1.36.1-6.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"busybox-debugsource-1.36.1-6.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:busybox-debugsource-1.36.1-6.oe2403.aarch64",
+					"name":"busybox-debugsource-1.36.1-6.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"busybox-help-1.36.1-6.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:busybox-help-1.36.1-6.oe2403.aarch64",
+					"name":"busybox-help-1.36.1-6.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"busybox-petitboot-1.36.1-6.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:busybox-petitboot-1.36.1-6.oe2403.aarch64",
+					"name":"busybox-petitboot-1.36.1-6.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"busybox-1.36.1-6.oe2403.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:busybox-1.36.1-6.oe2403.src",
+					"name":"busybox-1.36.1-6.oe2403.src as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2023-42363",
+			"notes":[
+				{
+					"text":"A use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-24.03-LTS:busybox-1.36.1-6.oe2403.x86_64",
+					"openEuler-24.03-LTS:busybox-debuginfo-1.36.1-6.oe2403.x86_64",
+					"openEuler-24.03-LTS:busybox-debugsource-1.36.1-6.oe2403.x86_64",
+					"openEuler-24.03-LTS:busybox-help-1.36.1-6.oe2403.x86_64",
+					"openEuler-24.03-LTS:busybox-petitboot-1.36.1-6.oe2403.x86_64",
+					"openEuler-24.03-LTS:busybox-1.36.1-6.oe2403.aarch64",
+					"openEuler-24.03-LTS:busybox-debuginfo-1.36.1-6.oe2403.aarch64",
+					"openEuler-24.03-LTS:busybox-debugsource-1.36.1-6.oe2403.aarch64",
+					"openEuler-24.03-LTS:busybox-help-1.36.1-6.oe2403.aarch64",
+					"openEuler-24.03-LTS:busybox-petitboot-1.36.1-6.oe2403.aarch64",
+					"openEuler-24.03-LTS:busybox-1.36.1-6.oe2403.src"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-24.03-LTS:busybox-1.36.1-6.oe2403.x86_64",
+						"openEuler-24.03-LTS:busybox-debuginfo-1.36.1-6.oe2403.x86_64",
+						"openEuler-24.03-LTS:busybox-debugsource-1.36.1-6.oe2403.x86_64",
+						"openEuler-24.03-LTS:busybox-help-1.36.1-6.oe2403.x86_64",
+						"openEuler-24.03-LTS:busybox-petitboot-1.36.1-6.oe2403.x86_64",
+						"openEuler-24.03-LTS:busybox-1.36.1-6.oe2403.aarch64",
+						"openEuler-24.03-LTS:busybox-debuginfo-1.36.1-6.oe2403.aarch64",
+						"openEuler-24.03-LTS:busybox-debugsource-1.36.1-6.oe2403.aarch64",
+						"openEuler-24.03-LTS:busybox-help-1.36.1-6.oe2403.aarch64",
+						"openEuler-24.03-LTS:busybox-petitboot-1.36.1-6.oe2403.aarch64",
+						"openEuler-24.03-LTS:busybox-1.36.1-6.oe2403.src"
+					],
+					"details":"busybox security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1902"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":5.5,
+						"vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-24.03-LTS:busybox-1.36.1-6.oe2403.x86_64",
+						"openEuler-24.03-LTS:busybox-debuginfo-1.36.1-6.oe2403.x86_64",
+						"openEuler-24.03-LTS:busybox-debugsource-1.36.1-6.oe2403.x86_64",
+						"openEuler-24.03-LTS:busybox-help-1.36.1-6.oe2403.x86_64",
+						"openEuler-24.03-LTS:busybox-petitboot-1.36.1-6.oe2403.x86_64",
+						"openEuler-24.03-LTS:busybox-1.36.1-6.oe2403.aarch64",
+						"openEuler-24.03-LTS:busybox-debuginfo-1.36.1-6.oe2403.aarch64",
+						"openEuler-24.03-LTS:busybox-debugsource-1.36.1-6.oe2403.aarch64",
+						"openEuler-24.03-LTS:busybox-help-1.36.1-6.oe2403.aarch64",
+						"openEuler-24.03-LTS:busybox-petitboot-1.36.1-6.oe2403.aarch64",
+						"openEuler-24.03-LTS:busybox-1.36.1-6.oe2403.src"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2023-42363"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1903.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1903.json
@ -0,0 +1,397 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"Medium"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"dnsmasq security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for dnsmasq is now available for openEuler-22.03-LTS-SP3",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"Dnsmasq provides network infrastructure for small networks: DNS, DHCP, router advertisement and network boot. It is designed to be lightweight and have a small footprint, suitable for resource constrained routers and firewalls. It has also been widely used for tethering on smartphones and portable hotspots, and to support virtual networking in virtualisation frameworks.\n\nSecurity Fix(es):\n\ndnsmasq 2.9 is vulnerable to Integer Overflow via forward_query.(CVE-2023-49441)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for dnsmasq is now available for openEuler-22.03-LTS-SP3.\n\nopenEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"Medium",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"dnsmasq",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1903",
+				"category":"self",
+				"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1903"
+			},
+			{
+				"summary":"CVE-2023-49441",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-49441&packageName=dnsmasq"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-49441"
+			},
+			{
+				"summary":"openEuler-SA-2024-1903 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1903.json"
+			}
+		],
+		"title":"An update for dnsmasq is now available for openEuler-22.03-LTS-SP3",
+		"tracking":{
+			"initial_release_date":"2024-07-26T20:58:55+08:00",
+			"revision_history":[
+				{
+					"date":"2024-07-26T20:58:55+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-07-26T20:58:55+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-07-26T20:58:55+08:00",
+			"id":"openEuler-SA-2024-1903",
+			"version":"1.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"openEuler-22.03-LTS-SP3",
+									"name":"openEuler-22.03-LTS-SP3"
+								},
+								"name":"openEuler-22.03-LTS-SP3",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"dnsmasq-2.86-8.oe2203sp3.aarch64.rpm",
+									"name":"dnsmasq-2.86-8.oe2203sp3.aarch64.rpm"
+								},
+								"name":"dnsmasq-2.86-8.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"dnsmasq-debuginfo-2.86-8.oe2203sp3.aarch64.rpm",
+									"name":"dnsmasq-debuginfo-2.86-8.oe2203sp3.aarch64.rpm"
+								},
+								"name":"dnsmasq-debuginfo-2.86-8.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"dnsmasq-debugsource-2.86-8.oe2203sp3.aarch64.rpm",
+									"name":"dnsmasq-debugsource-2.86-8.oe2203sp3.aarch64.rpm"
+								},
+								"name":"dnsmasq-debugsource-2.86-8.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"dnsmasq-help-2.86-8.oe2203sp3.aarch64.rpm",
+									"name":"dnsmasq-help-2.86-8.oe2203sp3.aarch64.rpm"
+								},
+								"name":"dnsmasq-help-2.86-8.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"dnsmasq-2.86-8.oe2203sp3.src.rpm",
+									"name":"dnsmasq-2.86-8.oe2203sp3.src.rpm"
+								},
+								"name":"dnsmasq-2.86-8.oe2203sp3.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"dnsmasq-2.86-8.oe2203sp3.x86_64.rpm",
+									"name":"dnsmasq-2.86-8.oe2203sp3.x86_64.rpm"
+								},
+								"name":"dnsmasq-2.86-8.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"dnsmasq-debuginfo-2.86-8.oe2203sp3.x86_64.rpm",
+									"name":"dnsmasq-debuginfo-2.86-8.oe2203sp3.x86_64.rpm"
+								},
+								"name":"dnsmasq-debuginfo-2.86-8.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"dnsmasq-debugsource-2.86-8.oe2203sp3.x86_64.rpm",
+									"name":"dnsmasq-debugsource-2.86-8.oe2203sp3.x86_64.rpm"
+								},
+								"name":"dnsmasq-debugsource-2.86-8.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"dnsmasq-help-2.86-8.oe2203sp3.x86_64.rpm",
+									"name":"dnsmasq-help-2.86-8.oe2203sp3.x86_64.rpm"
+								},
+								"name":"dnsmasq-help-2.86-8.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"dnsmasq-2.86-8.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:dnsmasq-2.86-8.oe2203sp3.aarch64",
+					"name":"dnsmasq-2.86-8.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"dnsmasq-debuginfo-2.86-8.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:dnsmasq-debuginfo-2.86-8.oe2203sp3.aarch64",
+					"name":"dnsmasq-debuginfo-2.86-8.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"dnsmasq-debugsource-2.86-8.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:dnsmasq-debugsource-2.86-8.oe2203sp3.aarch64",
+					"name":"dnsmasq-debugsource-2.86-8.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"dnsmasq-help-2.86-8.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:dnsmasq-help-2.86-8.oe2203sp3.aarch64",
+					"name":"dnsmasq-help-2.86-8.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"dnsmasq-2.86-8.oe2203sp3.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:dnsmasq-2.86-8.oe2203sp3.src",
+					"name":"dnsmasq-2.86-8.oe2203sp3.src as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"dnsmasq-2.86-8.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:dnsmasq-2.86-8.oe2203sp3.x86_64",
+					"name":"dnsmasq-2.86-8.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"dnsmasq-debuginfo-2.86-8.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:dnsmasq-debuginfo-2.86-8.oe2203sp3.x86_64",
+					"name":"dnsmasq-debuginfo-2.86-8.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"dnsmasq-debugsource-2.86-8.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:dnsmasq-debugsource-2.86-8.oe2203sp3.x86_64",
+					"name":"dnsmasq-debugsource-2.86-8.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"dnsmasq-help-2.86-8.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:dnsmasq-help-2.86-8.oe2203sp3.x86_64",
+					"name":"dnsmasq-help-2.86-8.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2023-49441",
+			"notes":[
+				{
+					"text":"dnsmasq 2.9 is vulnerable to Integer Overflow via forward_query.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP3:dnsmasq-2.86-8.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:dnsmasq-debuginfo-2.86-8.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:dnsmasq-debugsource-2.86-8.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:dnsmasq-help-2.86-8.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:dnsmasq-2.86-8.oe2203sp3.src",
+					"openEuler-22.03-LTS-SP3:dnsmasq-2.86-8.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:dnsmasq-debuginfo-2.86-8.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:dnsmasq-debugsource-2.86-8.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:dnsmasq-help-2.86-8.oe2203sp3.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP3:dnsmasq-2.86-8.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:dnsmasq-debuginfo-2.86-8.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:dnsmasq-debugsource-2.86-8.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:dnsmasq-help-2.86-8.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:dnsmasq-2.86-8.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:dnsmasq-2.86-8.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:dnsmasq-debuginfo-2.86-8.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:dnsmasq-debugsource-2.86-8.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:dnsmasq-help-2.86-8.oe2203sp3.x86_64"
+					],
+					"details":"dnsmasq security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1903"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":6.5,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP3:dnsmasq-2.86-8.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:dnsmasq-debuginfo-2.86-8.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:dnsmasq-debugsource-2.86-8.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:dnsmasq-help-2.86-8.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:dnsmasq-2.86-8.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:dnsmasq-2.86-8.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:dnsmasq-debuginfo-2.86-8.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:dnsmasq-debugsource-2.86-8.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:dnsmasq-help-2.86-8.oe2203sp3.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2023-49441"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1904.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1904.json
@ -0,0 +1,397 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"Medium"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"dnsmasq security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for dnsmasq is now available for openEuler-20.03-LTS-SP4",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"Dnsmasq provides network infrastructure for small networks: DNS, DHCP, router advertisement and network boot. It is designed to be lightweight and have a small footprint, suitable for resource constrained routers and firewalls. It has also been widely used for tethering on smartphones and portable hotspots, and to support virtual networking in virtualisation frameworks.\n\nSecurity Fix(es):\n\ndnsmasq 2.9 is vulnerable to Integer Overflow via forward_query.(CVE-2023-49441)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for dnsmasq is now available for openEuler-20.03-LTS-SP4.\n\nopenEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"Medium",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"dnsmasq",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1904",
+				"category":"self",
+				"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1904"
+			},
+			{
+				"summary":"CVE-2023-49441",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-49441&packageName=dnsmasq"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-49441"
+			},
+			{
+				"summary":"openEuler-SA-2024-1904 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1904.json"
+			}
+		],
+		"title":"An update for dnsmasq is now available for openEuler-20.03-LTS-SP4",
+		"tracking":{
+			"initial_release_date":"2024-07-26T20:58:56+08:00",
+			"revision_history":[
+				{
+					"date":"2024-07-26T20:58:56+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-07-26T20:58:56+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-07-26T20:58:56+08:00",
+			"id":"openEuler-SA-2024-1904",
+			"version":"1.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"openEuler-20.03-LTS-SP4",
+									"name":"openEuler-20.03-LTS-SP4"
+								},
+								"name":"openEuler-20.03-LTS-SP4",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"dnsmasq-2.82-15.oe2003sp4.aarch64.rpm",
+									"name":"dnsmasq-2.82-15.oe2003sp4.aarch64.rpm"
+								},
+								"name":"dnsmasq-2.82-15.oe2003sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"dnsmasq-debuginfo-2.82-15.oe2003sp4.aarch64.rpm",
+									"name":"dnsmasq-debuginfo-2.82-15.oe2003sp4.aarch64.rpm"
+								},
+								"name":"dnsmasq-debuginfo-2.82-15.oe2003sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"dnsmasq-debugsource-2.82-15.oe2003sp4.aarch64.rpm",
+									"name":"dnsmasq-debugsource-2.82-15.oe2003sp4.aarch64.rpm"
+								},
+								"name":"dnsmasq-debugsource-2.82-15.oe2003sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"dnsmasq-help-2.82-15.oe2003sp4.aarch64.rpm",
+									"name":"dnsmasq-help-2.82-15.oe2003sp4.aarch64.rpm"
+								},
+								"name":"dnsmasq-help-2.82-15.oe2003sp4.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"dnsmasq-2.82-15.oe2003sp4.src.rpm",
+									"name":"dnsmasq-2.82-15.oe2003sp4.src.rpm"
+								},
+								"name":"dnsmasq-2.82-15.oe2003sp4.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"dnsmasq-2.82-15.oe2003sp4.x86_64.rpm",
+									"name":"dnsmasq-2.82-15.oe2003sp4.x86_64.rpm"
+								},
+								"name":"dnsmasq-2.82-15.oe2003sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"dnsmasq-debuginfo-2.82-15.oe2003sp4.x86_64.rpm",
+									"name":"dnsmasq-debuginfo-2.82-15.oe2003sp4.x86_64.rpm"
+								},
+								"name":"dnsmasq-debuginfo-2.82-15.oe2003sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"dnsmasq-debugsource-2.82-15.oe2003sp4.x86_64.rpm",
+									"name":"dnsmasq-debugsource-2.82-15.oe2003sp4.x86_64.rpm"
+								},
+								"name":"dnsmasq-debugsource-2.82-15.oe2003sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"dnsmasq-help-2.82-15.oe2003sp4.x86_64.rpm",
+									"name":"dnsmasq-help-2.82-15.oe2003sp4.x86_64.rpm"
+								},
+								"name":"dnsmasq-help-2.82-15.oe2003sp4.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"dnsmasq-2.82-15.oe2003sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:dnsmasq-2.82-15.oe2003sp4.aarch64",
+					"name":"dnsmasq-2.82-15.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"dnsmasq-debuginfo-2.82-15.oe2003sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:dnsmasq-debuginfo-2.82-15.oe2003sp4.aarch64",
+					"name":"dnsmasq-debuginfo-2.82-15.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"dnsmasq-debugsource-2.82-15.oe2003sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:dnsmasq-debugsource-2.82-15.oe2003sp4.aarch64",
+					"name":"dnsmasq-debugsource-2.82-15.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"dnsmasq-help-2.82-15.oe2003sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:dnsmasq-help-2.82-15.oe2003sp4.aarch64",
+					"name":"dnsmasq-help-2.82-15.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"dnsmasq-2.82-15.oe2003sp4.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:dnsmasq-2.82-15.oe2003sp4.src",
+					"name":"dnsmasq-2.82-15.oe2003sp4.src as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"dnsmasq-2.82-15.oe2003sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:dnsmasq-2.82-15.oe2003sp4.x86_64",
+					"name":"dnsmasq-2.82-15.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"dnsmasq-debuginfo-2.82-15.oe2003sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:dnsmasq-debuginfo-2.82-15.oe2003sp4.x86_64",
+					"name":"dnsmasq-debuginfo-2.82-15.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"dnsmasq-debugsource-2.82-15.oe2003sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:dnsmasq-debugsource-2.82-15.oe2003sp4.x86_64",
+					"name":"dnsmasq-debugsource-2.82-15.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"dnsmasq-help-2.82-15.oe2003sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:dnsmasq-help-2.82-15.oe2003sp4.x86_64",
+					"name":"dnsmasq-help-2.82-15.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2023-49441",
+			"notes":[
+				{
+					"text":"dnsmasq 2.9 is vulnerable to Integer Overflow via forward_query.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-20.03-LTS-SP4:dnsmasq-2.82-15.oe2003sp4.aarch64",
+					"openEuler-20.03-LTS-SP4:dnsmasq-debuginfo-2.82-15.oe2003sp4.aarch64",
+					"openEuler-20.03-LTS-SP4:dnsmasq-debugsource-2.82-15.oe2003sp4.aarch64",
+					"openEuler-20.03-LTS-SP4:dnsmasq-help-2.82-15.oe2003sp4.aarch64",
+					"openEuler-20.03-LTS-SP4:dnsmasq-2.82-15.oe2003sp4.src",
+					"openEuler-20.03-LTS-SP4:dnsmasq-2.82-15.oe2003sp4.x86_64",
+					"openEuler-20.03-LTS-SP4:dnsmasq-debuginfo-2.82-15.oe2003sp4.x86_64",
+					"openEuler-20.03-LTS-SP4:dnsmasq-debugsource-2.82-15.oe2003sp4.x86_64",
+					"openEuler-20.03-LTS-SP4:dnsmasq-help-2.82-15.oe2003sp4.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-20.03-LTS-SP4:dnsmasq-2.82-15.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:dnsmasq-debuginfo-2.82-15.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:dnsmasq-debugsource-2.82-15.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:dnsmasq-help-2.82-15.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:dnsmasq-2.82-15.oe2003sp4.src",
+						"openEuler-20.03-LTS-SP4:dnsmasq-2.82-15.oe2003sp4.x86_64",
+						"openEuler-20.03-LTS-SP4:dnsmasq-debuginfo-2.82-15.oe2003sp4.x86_64",
+						"openEuler-20.03-LTS-SP4:dnsmasq-debugsource-2.82-15.oe2003sp4.x86_64",
+						"openEuler-20.03-LTS-SP4:dnsmasq-help-2.82-15.oe2003sp4.x86_64"
+					],
+					"details":"dnsmasq security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1904"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":6.5,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-20.03-LTS-SP4:dnsmasq-2.82-15.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:dnsmasq-debuginfo-2.82-15.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:dnsmasq-debugsource-2.82-15.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:dnsmasq-help-2.82-15.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:dnsmasq-2.82-15.oe2003sp4.src",
+						"openEuler-20.03-LTS-SP4:dnsmasq-2.82-15.oe2003sp4.x86_64",
+						"openEuler-20.03-LTS-SP4:dnsmasq-debuginfo-2.82-15.oe2003sp4.x86_64",
+						"openEuler-20.03-LTS-SP4:dnsmasq-debugsource-2.82-15.oe2003sp4.x86_64",
+						"openEuler-20.03-LTS-SP4:dnsmasq-help-2.82-15.oe2003sp4.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2023-49441"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1905.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1905.json
@ -0,0 +1,397 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"Medium"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"dnsmasq security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for dnsmasq is now available for openEuler-22.03-LTS-SP1",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"Dnsmasq provides network infrastructure for small networks: DNS, DHCP, router advertisement and network boot. It is designed to be lightweight and have a small footprint, suitable for resource constrained routers and firewalls. It has also been widely used for tethering on smartphones and portable hotspots, and to support virtual networking in virtualisation frameworks.\n\nSecurity Fix(es):\n\ndnsmasq 2.9 is vulnerable to Integer Overflow via forward_query.(CVE-2023-49441)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for dnsmasq is now available for openEuler-22.03-LTS-SP1.\n\nopenEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"Medium",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"dnsmasq",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1905",
+				"category":"self",
+				"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1905"
+			},
+			{
+				"summary":"CVE-2023-49441",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-49441&packageName=dnsmasq"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-49441"
+			},
+			{
+				"summary":"openEuler-SA-2024-1905 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1905.json"
+			}
+		],
+		"title":"An update for dnsmasq is now available for openEuler-22.03-LTS-SP1",
+		"tracking":{
+			"initial_release_date":"2024-07-26T20:58:57+08:00",
+			"revision_history":[
+				{
+					"date":"2024-07-26T20:58:57+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-07-26T20:58:57+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-07-26T20:58:57+08:00",
+			"id":"openEuler-SA-2024-1905",
+			"version":"1.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"openEuler-22.03-LTS-SP1",
+									"name":"openEuler-22.03-LTS-SP1"
+								},
+								"name":"openEuler-22.03-LTS-SP1",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"dnsmasq-2.86-8.oe2203sp1.aarch64.rpm",
+									"name":"dnsmasq-2.86-8.oe2203sp1.aarch64.rpm"
+								},
+								"name":"dnsmasq-2.86-8.oe2203sp1.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"dnsmasq-debuginfo-2.86-8.oe2203sp1.aarch64.rpm",
+									"name":"dnsmasq-debuginfo-2.86-8.oe2203sp1.aarch64.rpm"
+								},
+								"name":"dnsmasq-debuginfo-2.86-8.oe2203sp1.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"dnsmasq-debugsource-2.86-8.oe2203sp1.aarch64.rpm",
+									"name":"dnsmasq-debugsource-2.86-8.oe2203sp1.aarch64.rpm"
+								},
+								"name":"dnsmasq-debugsource-2.86-8.oe2203sp1.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"dnsmasq-help-2.86-8.oe2203sp1.aarch64.rpm",
+									"name":"dnsmasq-help-2.86-8.oe2203sp1.aarch64.rpm"
+								},
+								"name":"dnsmasq-help-2.86-8.oe2203sp1.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"dnsmasq-2.86-8.oe2203sp1.src.rpm",
+									"name":"dnsmasq-2.86-8.oe2203sp1.src.rpm"
+								},
+								"name":"dnsmasq-2.86-8.oe2203sp1.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"dnsmasq-2.86-8.oe2203sp1.x86_64.rpm",
+									"name":"dnsmasq-2.86-8.oe2203sp1.x86_64.rpm"
+								},
+								"name":"dnsmasq-2.86-8.oe2203sp1.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"dnsmasq-debuginfo-2.86-8.oe2203sp1.x86_64.rpm",
+									"name":"dnsmasq-debuginfo-2.86-8.oe2203sp1.x86_64.rpm"
+								},
+								"name":"dnsmasq-debuginfo-2.86-8.oe2203sp1.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"dnsmasq-debugsource-2.86-8.oe2203sp1.x86_64.rpm",
+									"name":"dnsmasq-debugsource-2.86-8.oe2203sp1.x86_64.rpm"
+								},
+								"name":"dnsmasq-debugsource-2.86-8.oe2203sp1.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"dnsmasq-help-2.86-8.oe2203sp1.x86_64.rpm",
+									"name":"dnsmasq-help-2.86-8.oe2203sp1.x86_64.rpm"
+								},
+								"name":"dnsmasq-help-2.86-8.oe2203sp1.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"dnsmasq-2.86-8.oe2203sp1.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:dnsmasq-2.86-8.oe2203sp1.aarch64",
+					"name":"dnsmasq-2.86-8.oe2203sp1.aarch64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"dnsmasq-debuginfo-2.86-8.oe2203sp1.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:dnsmasq-debuginfo-2.86-8.oe2203sp1.aarch64",
+					"name":"dnsmasq-debuginfo-2.86-8.oe2203sp1.aarch64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"dnsmasq-debugsource-2.86-8.oe2203sp1.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:dnsmasq-debugsource-2.86-8.oe2203sp1.aarch64",
+					"name":"dnsmasq-debugsource-2.86-8.oe2203sp1.aarch64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"dnsmasq-help-2.86-8.oe2203sp1.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:dnsmasq-help-2.86-8.oe2203sp1.aarch64",
+					"name":"dnsmasq-help-2.86-8.oe2203sp1.aarch64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"dnsmasq-2.86-8.oe2203sp1.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:dnsmasq-2.86-8.oe2203sp1.src",
+					"name":"dnsmasq-2.86-8.oe2203sp1.src as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"dnsmasq-2.86-8.oe2203sp1.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:dnsmasq-2.86-8.oe2203sp1.x86_64",
+					"name":"dnsmasq-2.86-8.oe2203sp1.x86_64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"dnsmasq-debuginfo-2.86-8.oe2203sp1.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:dnsmasq-debuginfo-2.86-8.oe2203sp1.x86_64",
+					"name":"dnsmasq-debuginfo-2.86-8.oe2203sp1.x86_64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"dnsmasq-debugsource-2.86-8.oe2203sp1.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:dnsmasq-debugsource-2.86-8.oe2203sp1.x86_64",
+					"name":"dnsmasq-debugsource-2.86-8.oe2203sp1.x86_64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"dnsmasq-help-2.86-8.oe2203sp1.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:dnsmasq-help-2.86-8.oe2203sp1.x86_64",
+					"name":"dnsmasq-help-2.86-8.oe2203sp1.x86_64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2023-49441",
+			"notes":[
+				{
+					"text":"dnsmasq 2.9 is vulnerable to Integer Overflow via forward_query.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP1:dnsmasq-2.86-8.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:dnsmasq-debuginfo-2.86-8.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:dnsmasq-debugsource-2.86-8.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:dnsmasq-help-2.86-8.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:dnsmasq-2.86-8.oe2203sp1.src",
+					"openEuler-22.03-LTS-SP1:dnsmasq-2.86-8.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:dnsmasq-debuginfo-2.86-8.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:dnsmasq-debugsource-2.86-8.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:dnsmasq-help-2.86-8.oe2203sp1.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP1:dnsmasq-2.86-8.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:dnsmasq-debuginfo-2.86-8.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:dnsmasq-debugsource-2.86-8.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:dnsmasq-help-2.86-8.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:dnsmasq-2.86-8.oe2203sp1.src",
+						"openEuler-22.03-LTS-SP1:dnsmasq-2.86-8.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:dnsmasq-debuginfo-2.86-8.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:dnsmasq-debugsource-2.86-8.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:dnsmasq-help-2.86-8.oe2203sp1.x86_64"
+					],
+					"details":"dnsmasq security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1905"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":6.5,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP1:dnsmasq-2.86-8.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:dnsmasq-debuginfo-2.86-8.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:dnsmasq-debugsource-2.86-8.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:dnsmasq-help-2.86-8.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:dnsmasq-2.86-8.oe2203sp1.src",
+						"openEuler-22.03-LTS-SP1:dnsmasq-2.86-8.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:dnsmasq-debuginfo-2.86-8.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:dnsmasq-debugsource-2.86-8.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:dnsmasq-help-2.86-8.oe2203sp1.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2023-49441"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1906.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1906.json
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1907.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1907.json
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1908.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1908.json
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1909.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1909.json
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1910.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1910.json
@ -0,0 +1,449 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"High"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"assimp security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for assimp is now available for openEuler-24.03-LTS",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose.\n\nSecurity Fix(es):\n\nHeap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product.(CVE-2024-40724)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for assimp is now available for openEuler-24.03-LTS.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"High",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"assimp",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1910",
+				"category":"self",
+				"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1910"
+			},
+			{
+				"summary":"CVE-2024-40724",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-40724&packageName=assimp"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-40724"
+			},
+			{
+				"summary":"openEuler-SA-2024-1910 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1910.json"
+			}
+		],
+		"title":"An update for assimp is now available for openEuler-24.03-LTS",
+		"tracking":{
+			"initial_release_date":"2024-07-26T20:59:06+08:00",
+			"revision_history":[
+				{
+					"date":"2024-07-26T20:59:06+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-07-26T20:59:06+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-07-26T20:59:06+08:00",
+			"id":"openEuler-SA-2024-1910",
+			"version":"1.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"openEuler-24.03-LTS",
+									"name":"openEuler-24.03-LTS"
+								},
+								"name":"openEuler-24.03-LTS",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"assimp-5.3.1-3.oe2403.aarch64.rpm",
+									"name":"assimp-5.3.1-3.oe2403.aarch64.rpm"
+								},
+								"name":"assimp-5.3.1-3.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"assimp-debuginfo-5.3.1-3.oe2403.aarch64.rpm",
+									"name":"assimp-debuginfo-5.3.1-3.oe2403.aarch64.rpm"
+								},
+								"name":"assimp-debuginfo-5.3.1-3.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"assimp-debugsource-5.3.1-3.oe2403.aarch64.rpm",
+									"name":"assimp-debugsource-5.3.1-3.oe2403.aarch64.rpm"
+								},
+								"name":"assimp-debugsource-5.3.1-3.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"assimp-devel-5.3.1-3.oe2403.aarch64.rpm",
+									"name":"assimp-devel-5.3.1-3.oe2403.aarch64.rpm"
+								},
+								"name":"assimp-devel-5.3.1-3.oe2403.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"assimp-5.3.1-3.oe2403.src.rpm",
+									"name":"assimp-5.3.1-3.oe2403.src.rpm"
+								},
+								"name":"assimp-5.3.1-3.oe2403.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"assimp-5.3.1-3.oe2403.x86_64.rpm",
+									"name":"assimp-5.3.1-3.oe2403.x86_64.rpm"
+								},
+								"name":"assimp-5.3.1-3.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"assimp-debuginfo-5.3.1-3.oe2403.x86_64.rpm",
+									"name":"assimp-debuginfo-5.3.1-3.oe2403.x86_64.rpm"
+								},
+								"name":"assimp-debuginfo-5.3.1-3.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"assimp-debugsource-5.3.1-3.oe2403.x86_64.rpm",
+									"name":"assimp-debugsource-5.3.1-3.oe2403.x86_64.rpm"
+								},
+								"name":"assimp-debugsource-5.3.1-3.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"assimp-devel-5.3.1-3.oe2403.x86_64.rpm",
+									"name":"assimp-devel-5.3.1-3.oe2403.x86_64.rpm"
+								},
+								"name":"assimp-devel-5.3.1-3.oe2403.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"noarch",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"assimp-help-5.3.1-3.oe2403.noarch.rpm",
+									"name":"assimp-help-5.3.1-3.oe2403.noarch.rpm"
+								},
+								"name":"assimp-help-5.3.1-3.oe2403.noarch.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python3-assimp-5.3.1-3.oe2403.noarch.rpm",
+									"name":"python3-assimp-5.3.1-3.oe2403.noarch.rpm"
+								},
+								"name":"python3-assimp-5.3.1-3.oe2403.noarch.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"assimp-5.3.1-3.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:assimp-5.3.1-3.oe2403.aarch64",
+					"name":"assimp-5.3.1-3.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"assimp-debuginfo-5.3.1-3.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:assimp-debuginfo-5.3.1-3.oe2403.aarch64",
+					"name":"assimp-debuginfo-5.3.1-3.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"assimp-debugsource-5.3.1-3.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:assimp-debugsource-5.3.1-3.oe2403.aarch64",
+					"name":"assimp-debugsource-5.3.1-3.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"assimp-devel-5.3.1-3.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:assimp-devel-5.3.1-3.oe2403.aarch64",
+					"name":"assimp-devel-5.3.1-3.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"assimp-5.3.1-3.oe2403.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:assimp-5.3.1-3.oe2403.src",
+					"name":"assimp-5.3.1-3.oe2403.src as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"assimp-5.3.1-3.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:assimp-5.3.1-3.oe2403.x86_64",
+					"name":"assimp-5.3.1-3.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"assimp-debuginfo-5.3.1-3.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:assimp-debuginfo-5.3.1-3.oe2403.x86_64",
+					"name":"assimp-debuginfo-5.3.1-3.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"assimp-debugsource-5.3.1-3.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:assimp-debugsource-5.3.1-3.oe2403.x86_64",
+					"name":"assimp-debugsource-5.3.1-3.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"assimp-devel-5.3.1-3.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:assimp-devel-5.3.1-3.oe2403.x86_64",
+					"name":"assimp-devel-5.3.1-3.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"assimp-help-5.3.1-3.oe2403.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:assimp-help-5.3.1-3.oe2403.noarch",
+					"name":"assimp-help-5.3.1-3.oe2403.noarch as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python3-assimp-5.3.1-3.oe2403.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python3-assimp-5.3.1-3.oe2403.noarch",
+					"name":"python3-assimp-5.3.1-3.oe2403.noarch as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2024-40724",
+			"notes":[
+				{
+					"text":"Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-24.03-LTS:assimp-5.3.1-3.oe2403.aarch64",
+					"openEuler-24.03-LTS:assimp-debuginfo-5.3.1-3.oe2403.aarch64",
+					"openEuler-24.03-LTS:assimp-debugsource-5.3.1-3.oe2403.aarch64",
+					"openEuler-24.03-LTS:assimp-devel-5.3.1-3.oe2403.aarch64",
+					"openEuler-24.03-LTS:assimp-5.3.1-3.oe2403.src",
+					"openEuler-24.03-LTS:assimp-5.3.1-3.oe2403.x86_64",
+					"openEuler-24.03-LTS:assimp-debuginfo-5.3.1-3.oe2403.x86_64",
+					"openEuler-24.03-LTS:assimp-debugsource-5.3.1-3.oe2403.x86_64",
+					"openEuler-24.03-LTS:assimp-devel-5.3.1-3.oe2403.x86_64",
+					"openEuler-24.03-LTS:assimp-help-5.3.1-3.oe2403.noarch",
+					"openEuler-24.03-LTS:python3-assimp-5.3.1-3.oe2403.noarch"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-24.03-LTS:assimp-5.3.1-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:assimp-debuginfo-5.3.1-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:assimp-debugsource-5.3.1-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:assimp-devel-5.3.1-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:assimp-5.3.1-3.oe2403.src",
+						"openEuler-24.03-LTS:assimp-5.3.1-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:assimp-debuginfo-5.3.1-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:assimp-debugsource-5.3.1-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:assimp-devel-5.3.1-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:assimp-help-5.3.1-3.oe2403.noarch",
+						"openEuler-24.03-LTS:python3-assimp-5.3.1-3.oe2403.noarch"
+					],
+					"details":"assimp security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1910"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"HIGH",
+						"baseScore":7.8,
+						"vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-24.03-LTS:assimp-5.3.1-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:assimp-debuginfo-5.3.1-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:assimp-debugsource-5.3.1-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:assimp-devel-5.3.1-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:assimp-5.3.1-3.oe2403.src",
+						"openEuler-24.03-LTS:assimp-5.3.1-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:assimp-debuginfo-5.3.1-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:assimp-debugsource-5.3.1-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:assimp-devel-5.3.1-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:assimp-help-5.3.1-3.oe2403.noarch",
+						"openEuler-24.03-LTS:python3-assimp-5.3.1-3.oe2403.noarch"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"High",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-40724"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1911.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1911.json
@ -0,0 +1,449 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"High"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"assimp security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for assimp is now available for openEuler-22.03-LTS-SP4",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose.\n\nSecurity Fix(es):\n\nHeap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product.(CVE-2024-40724)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for assimp is now available for openEuler-22.03-LTS-SP4.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"High",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"assimp",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1911",
+				"category":"self",
+				"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1911"
+			},
+			{
+				"summary":"CVE-2024-40724",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-40724&packageName=assimp"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-40724"
+			},
+			{
+				"summary":"openEuler-SA-2024-1911 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1911.json"
+			}
+		],
+		"title":"An update for assimp is now available for openEuler-22.03-LTS-SP4",
+		"tracking":{
+			"initial_release_date":"2024-07-26T20:59:07+08:00",
+			"revision_history":[
+				{
+					"date":"2024-07-26T20:59:07+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-07-26T20:59:07+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-07-26T20:59:07+08:00",
+			"id":"openEuler-SA-2024-1911",
+			"version":"1.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"openEuler-22.03-LTS-SP4",
+									"name":"openEuler-22.03-LTS-SP4"
+								},
+								"name":"openEuler-22.03-LTS-SP4",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"assimp-5.2.4-2.oe2203sp4.aarch64.rpm",
+									"name":"assimp-5.2.4-2.oe2203sp4.aarch64.rpm"
+								},
+								"name":"assimp-5.2.4-2.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"assimp-debuginfo-5.2.4-2.oe2203sp4.aarch64.rpm",
+									"name":"assimp-debuginfo-5.2.4-2.oe2203sp4.aarch64.rpm"
+								},
+								"name":"assimp-debuginfo-5.2.4-2.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"assimp-debugsource-5.2.4-2.oe2203sp4.aarch64.rpm",
+									"name":"assimp-debugsource-5.2.4-2.oe2203sp4.aarch64.rpm"
+								},
+								"name":"assimp-debugsource-5.2.4-2.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"assimp-devel-5.2.4-2.oe2203sp4.aarch64.rpm",
+									"name":"assimp-devel-5.2.4-2.oe2203sp4.aarch64.rpm"
+								},
+								"name":"assimp-devel-5.2.4-2.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"assimp-5.2.4-2.oe2203sp4.src.rpm",
+									"name":"assimp-5.2.4-2.oe2203sp4.src.rpm"
+								},
+								"name":"assimp-5.2.4-2.oe2203sp4.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"assimp-5.2.4-2.oe2203sp4.x86_64.rpm",
+									"name":"assimp-5.2.4-2.oe2203sp4.x86_64.rpm"
+								},
+								"name":"assimp-5.2.4-2.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"assimp-debuginfo-5.2.4-2.oe2203sp4.x86_64.rpm",
+									"name":"assimp-debuginfo-5.2.4-2.oe2203sp4.x86_64.rpm"
+								},
+								"name":"assimp-debuginfo-5.2.4-2.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"assimp-debugsource-5.2.4-2.oe2203sp4.x86_64.rpm",
+									"name":"assimp-debugsource-5.2.4-2.oe2203sp4.x86_64.rpm"
+								},
+								"name":"assimp-debugsource-5.2.4-2.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"assimp-devel-5.2.4-2.oe2203sp4.x86_64.rpm",
+									"name":"assimp-devel-5.2.4-2.oe2203sp4.x86_64.rpm"
+								},
+								"name":"assimp-devel-5.2.4-2.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"noarch",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"assimp-help-5.2.4-2.oe2203sp4.noarch.rpm",
+									"name":"assimp-help-5.2.4-2.oe2203sp4.noarch.rpm"
+								},
+								"name":"assimp-help-5.2.4-2.oe2203sp4.noarch.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"python3-assimp-5.2.4-2.oe2203sp4.noarch.rpm",
+									"name":"python3-assimp-5.2.4-2.oe2203sp4.noarch.rpm"
+								},
+								"name":"python3-assimp-5.2.4-2.oe2203sp4.noarch.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"assimp-5.2.4-2.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:assimp-5.2.4-2.oe2203sp4.aarch64",
+					"name":"assimp-5.2.4-2.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"assimp-debuginfo-5.2.4-2.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:assimp-debuginfo-5.2.4-2.oe2203sp4.aarch64",
+					"name":"assimp-debuginfo-5.2.4-2.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"assimp-debugsource-5.2.4-2.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:assimp-debugsource-5.2.4-2.oe2203sp4.aarch64",
+					"name":"assimp-debugsource-5.2.4-2.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"assimp-devel-5.2.4-2.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:assimp-devel-5.2.4-2.oe2203sp4.aarch64",
+					"name":"assimp-devel-5.2.4-2.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"assimp-5.2.4-2.oe2203sp4.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:assimp-5.2.4-2.oe2203sp4.src",
+					"name":"assimp-5.2.4-2.oe2203sp4.src as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"assimp-5.2.4-2.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:assimp-5.2.4-2.oe2203sp4.x86_64",
+					"name":"assimp-5.2.4-2.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"assimp-debuginfo-5.2.4-2.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:assimp-debuginfo-5.2.4-2.oe2203sp4.x86_64",
+					"name":"assimp-debuginfo-5.2.4-2.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"assimp-debugsource-5.2.4-2.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:assimp-debugsource-5.2.4-2.oe2203sp4.x86_64",
+					"name":"assimp-debugsource-5.2.4-2.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"assimp-devel-5.2.4-2.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:assimp-devel-5.2.4-2.oe2203sp4.x86_64",
+					"name":"assimp-devel-5.2.4-2.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"assimp-help-5.2.4-2.oe2203sp4.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:assimp-help-5.2.4-2.oe2203sp4.noarch",
+					"name":"assimp-help-5.2.4-2.oe2203sp4.noarch as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"python3-assimp-5.2.4-2.oe2203sp4.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:python3-assimp-5.2.4-2.oe2203sp4.noarch",
+					"name":"python3-assimp-5.2.4-2.oe2203sp4.noarch as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2024-40724",
+			"notes":[
+				{
+					"text":"Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP4:assimp-5.2.4-2.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:assimp-debuginfo-5.2.4-2.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:assimp-debugsource-5.2.4-2.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:assimp-devel-5.2.4-2.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:assimp-5.2.4-2.oe2203sp4.src",
+					"openEuler-22.03-LTS-SP4:assimp-5.2.4-2.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:assimp-debuginfo-5.2.4-2.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:assimp-debugsource-5.2.4-2.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:assimp-devel-5.2.4-2.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:assimp-help-5.2.4-2.oe2203sp4.noarch",
+					"openEuler-22.03-LTS-SP4:python3-assimp-5.2.4-2.oe2203sp4.noarch"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP4:assimp-5.2.4-2.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:assimp-debuginfo-5.2.4-2.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:assimp-debugsource-5.2.4-2.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:assimp-devel-5.2.4-2.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:assimp-5.2.4-2.oe2203sp4.src",
+						"openEuler-22.03-LTS-SP4:assimp-5.2.4-2.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:assimp-debuginfo-5.2.4-2.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:assimp-debugsource-5.2.4-2.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:assimp-devel-5.2.4-2.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:assimp-help-5.2.4-2.oe2203sp4.noarch",
+						"openEuler-22.03-LTS-SP4:python3-assimp-5.2.4-2.oe2203sp4.noarch"
+					],
+					"details":"assimp security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1911"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"HIGH",
+						"baseScore":7.8,
+						"vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP4:assimp-5.2.4-2.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:assimp-debuginfo-5.2.4-2.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:assimp-debugsource-5.2.4-2.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:assimp-devel-5.2.4-2.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:assimp-5.2.4-2.oe2203sp4.src",
+						"openEuler-22.03-LTS-SP4:assimp-5.2.4-2.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:assimp-debuginfo-5.2.4-2.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:assimp-debugsource-5.2.4-2.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:assimp-devel-5.2.4-2.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:assimp-help-5.2.4-2.oe2203sp4.noarch",
+						"openEuler-22.03-LTS-SP4:python3-assimp-5.2.4-2.oe2203sp4.noarch"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"High",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-40724"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1912.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1912.json
@ -0,0 +1,449 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"High"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"assimp security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for assimp is now available for openEuler-22.03-LTS-SP3",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose.\n\nSecurity Fix(es):\n\nHeap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product.(CVE-2024-40724)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for assimp is now available for openEuler-22.03-LTS-SP3.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"High",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"assimp",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1912",
+				"category":"self",
+				"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1912"
+			},
+			{
+				"summary":"CVE-2024-40724",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-40724&packageName=assimp"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-40724"
+			},
+			{
+				"summary":"openEuler-SA-2024-1912 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1912.json"
+			}
+		],
+		"title":"An update for assimp is now available for openEuler-22.03-LTS-SP3",
+		"tracking":{
+			"initial_release_date":"2024-07-26T20:59:08+08:00",
+			"revision_history":[
+				{
+					"date":"2024-07-26T20:59:08+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-07-26T20:59:08+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-07-26T20:59:08+08:00",
+			"id":"openEuler-SA-2024-1912",
+			"version":"1.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"openEuler-22.03-LTS-SP3",
+									"name":"openEuler-22.03-LTS-SP3"
+								},
+								"name":"openEuler-22.03-LTS-SP3",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"assimp-5.2.4-2.oe2203sp3.aarch64.rpm",
+									"name":"assimp-5.2.4-2.oe2203sp3.aarch64.rpm"
+								},
+								"name":"assimp-5.2.4-2.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"assimp-debuginfo-5.2.4-2.oe2203sp3.aarch64.rpm",
+									"name":"assimp-debuginfo-5.2.4-2.oe2203sp3.aarch64.rpm"
+								},
+								"name":"assimp-debuginfo-5.2.4-2.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"assimp-debugsource-5.2.4-2.oe2203sp3.aarch64.rpm",
+									"name":"assimp-debugsource-5.2.4-2.oe2203sp3.aarch64.rpm"
+								},
+								"name":"assimp-debugsource-5.2.4-2.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"assimp-devel-5.2.4-2.oe2203sp3.aarch64.rpm",
+									"name":"assimp-devel-5.2.4-2.oe2203sp3.aarch64.rpm"
+								},
+								"name":"assimp-devel-5.2.4-2.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"assimp-5.2.4-2.oe2203sp3.src.rpm",
+									"name":"assimp-5.2.4-2.oe2203sp3.src.rpm"
+								},
+								"name":"assimp-5.2.4-2.oe2203sp3.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"assimp-5.2.4-2.oe2203sp3.x86_64.rpm",
+									"name":"assimp-5.2.4-2.oe2203sp3.x86_64.rpm"
+								},
+								"name":"assimp-5.2.4-2.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"assimp-debuginfo-5.2.4-2.oe2203sp3.x86_64.rpm",
+									"name":"assimp-debuginfo-5.2.4-2.oe2203sp3.x86_64.rpm"
+								},
+								"name":"assimp-debuginfo-5.2.4-2.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"assimp-debugsource-5.2.4-2.oe2203sp3.x86_64.rpm",
+									"name":"assimp-debugsource-5.2.4-2.oe2203sp3.x86_64.rpm"
+								},
+								"name":"assimp-debugsource-5.2.4-2.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"assimp-devel-5.2.4-2.oe2203sp3.x86_64.rpm",
+									"name":"assimp-devel-5.2.4-2.oe2203sp3.x86_64.rpm"
+								},
+								"name":"assimp-devel-5.2.4-2.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"noarch",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"assimp-help-5.2.4-2.oe2203sp3.noarch.rpm",
+									"name":"assimp-help-5.2.4-2.oe2203sp3.noarch.rpm"
+								},
+								"name":"assimp-help-5.2.4-2.oe2203sp3.noarch.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"python3-assimp-5.2.4-2.oe2203sp3.noarch.rpm",
+									"name":"python3-assimp-5.2.4-2.oe2203sp3.noarch.rpm"
+								},
+								"name":"python3-assimp-5.2.4-2.oe2203sp3.noarch.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"assimp-5.2.4-2.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:assimp-5.2.4-2.oe2203sp3.aarch64",
+					"name":"assimp-5.2.4-2.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"assimp-debuginfo-5.2.4-2.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:assimp-debuginfo-5.2.4-2.oe2203sp3.aarch64",
+					"name":"assimp-debuginfo-5.2.4-2.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"assimp-debugsource-5.2.4-2.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:assimp-debugsource-5.2.4-2.oe2203sp3.aarch64",
+					"name":"assimp-debugsource-5.2.4-2.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"assimp-devel-5.2.4-2.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:assimp-devel-5.2.4-2.oe2203sp3.aarch64",
+					"name":"assimp-devel-5.2.4-2.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"assimp-5.2.4-2.oe2203sp3.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:assimp-5.2.4-2.oe2203sp3.src",
+					"name":"assimp-5.2.4-2.oe2203sp3.src as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"assimp-5.2.4-2.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:assimp-5.2.4-2.oe2203sp3.x86_64",
+					"name":"assimp-5.2.4-2.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"assimp-debuginfo-5.2.4-2.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:assimp-debuginfo-5.2.4-2.oe2203sp3.x86_64",
+					"name":"assimp-debuginfo-5.2.4-2.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"assimp-debugsource-5.2.4-2.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:assimp-debugsource-5.2.4-2.oe2203sp3.x86_64",
+					"name":"assimp-debugsource-5.2.4-2.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"assimp-devel-5.2.4-2.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:assimp-devel-5.2.4-2.oe2203sp3.x86_64",
+					"name":"assimp-devel-5.2.4-2.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"assimp-help-5.2.4-2.oe2203sp3.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:assimp-help-5.2.4-2.oe2203sp3.noarch",
+					"name":"assimp-help-5.2.4-2.oe2203sp3.noarch as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"python3-assimp-5.2.4-2.oe2203sp3.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:python3-assimp-5.2.4-2.oe2203sp3.noarch",
+					"name":"python3-assimp-5.2.4-2.oe2203sp3.noarch as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2024-40724",
+			"notes":[
+				{
+					"text":"Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP3:assimp-5.2.4-2.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:assimp-debuginfo-5.2.4-2.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:assimp-debugsource-5.2.4-2.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:assimp-devel-5.2.4-2.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:assimp-5.2.4-2.oe2203sp3.src",
+					"openEuler-22.03-LTS-SP3:assimp-5.2.4-2.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:assimp-debuginfo-5.2.4-2.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:assimp-debugsource-5.2.4-2.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:assimp-devel-5.2.4-2.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:assimp-help-5.2.4-2.oe2203sp3.noarch",
+					"openEuler-22.03-LTS-SP3:python3-assimp-5.2.4-2.oe2203sp3.noarch"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP3:assimp-5.2.4-2.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:assimp-debuginfo-5.2.4-2.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:assimp-debugsource-5.2.4-2.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:assimp-devel-5.2.4-2.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:assimp-5.2.4-2.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:assimp-5.2.4-2.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:assimp-debuginfo-5.2.4-2.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:assimp-debugsource-5.2.4-2.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:assimp-devel-5.2.4-2.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:assimp-help-5.2.4-2.oe2203sp3.noarch",
+						"openEuler-22.03-LTS-SP3:python3-assimp-5.2.4-2.oe2203sp3.noarch"
+					],
+					"details":"assimp security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1912"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"HIGH",
+						"baseScore":7.8,
+						"vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP3:assimp-5.2.4-2.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:assimp-debuginfo-5.2.4-2.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:assimp-debugsource-5.2.4-2.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:assimp-devel-5.2.4-2.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:assimp-5.2.4-2.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:assimp-5.2.4-2.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:assimp-debuginfo-5.2.4-2.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:assimp-debugsource-5.2.4-2.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:assimp-devel-5.2.4-2.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:assimp-help-5.2.4-2.oe2203sp3.noarch",
+						"openEuler-22.03-LTS-SP3:python3-assimp-5.2.4-2.oe2203sp3.noarch"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"High",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-40724"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1913.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1913.json
@ -0,0 +1,449 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"High"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"assimp security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for assimp is now available for openEuler-22.03-LTS-SP1",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose.\n\nSecurity Fix(es):\n\nHeap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product.(CVE-2024-40724)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for assimp is now available for openEuler-22.03-LTS-SP1.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"High",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"assimp",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1913",
+				"category":"self",
+				"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1913"
+			},
+			{
+				"summary":"CVE-2024-40724",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-40724&packageName=assimp"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-40724"
+			},
+			{
+				"summary":"openEuler-SA-2024-1913 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1913.json"
+			}
+		],
+		"title":"An update for assimp is now available for openEuler-22.03-LTS-SP1",
+		"tracking":{
+			"initial_release_date":"2024-07-26T20:59:09+08:00",
+			"revision_history":[
+				{
+					"date":"2024-07-26T20:59:09+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-07-26T20:59:09+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-07-26T20:59:09+08:00",
+			"id":"openEuler-SA-2024-1913",
+			"version":"1.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"openEuler-22.03-LTS-SP1",
+									"name":"openEuler-22.03-LTS-SP1"
+								},
+								"name":"openEuler-22.03-LTS-SP1",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"assimp-5.2.4-2.oe2203sp1.aarch64.rpm",
+									"name":"assimp-5.2.4-2.oe2203sp1.aarch64.rpm"
+								},
+								"name":"assimp-5.2.4-2.oe2203sp1.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"assimp-debuginfo-5.2.4-2.oe2203sp1.aarch64.rpm",
+									"name":"assimp-debuginfo-5.2.4-2.oe2203sp1.aarch64.rpm"
+								},
+								"name":"assimp-debuginfo-5.2.4-2.oe2203sp1.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"assimp-debugsource-5.2.4-2.oe2203sp1.aarch64.rpm",
+									"name":"assimp-debugsource-5.2.4-2.oe2203sp1.aarch64.rpm"
+								},
+								"name":"assimp-debugsource-5.2.4-2.oe2203sp1.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"assimp-devel-5.2.4-2.oe2203sp1.aarch64.rpm",
+									"name":"assimp-devel-5.2.4-2.oe2203sp1.aarch64.rpm"
+								},
+								"name":"assimp-devel-5.2.4-2.oe2203sp1.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"assimp-5.2.4-2.oe2203sp1.src.rpm",
+									"name":"assimp-5.2.4-2.oe2203sp1.src.rpm"
+								},
+								"name":"assimp-5.2.4-2.oe2203sp1.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"assimp-5.2.4-2.oe2203sp1.x86_64.rpm",
+									"name":"assimp-5.2.4-2.oe2203sp1.x86_64.rpm"
+								},
+								"name":"assimp-5.2.4-2.oe2203sp1.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"assimp-debuginfo-5.2.4-2.oe2203sp1.x86_64.rpm",
+									"name":"assimp-debuginfo-5.2.4-2.oe2203sp1.x86_64.rpm"
+								},
+								"name":"assimp-debuginfo-5.2.4-2.oe2203sp1.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"assimp-debugsource-5.2.4-2.oe2203sp1.x86_64.rpm",
+									"name":"assimp-debugsource-5.2.4-2.oe2203sp1.x86_64.rpm"
+								},
+								"name":"assimp-debugsource-5.2.4-2.oe2203sp1.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"assimp-devel-5.2.4-2.oe2203sp1.x86_64.rpm",
+									"name":"assimp-devel-5.2.4-2.oe2203sp1.x86_64.rpm"
+								},
+								"name":"assimp-devel-5.2.4-2.oe2203sp1.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"noarch",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"assimp-help-5.2.4-2.oe2203sp1.noarch.rpm",
+									"name":"assimp-help-5.2.4-2.oe2203sp1.noarch.rpm"
+								},
+								"name":"assimp-help-5.2.4-2.oe2203sp1.noarch.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"python3-assimp-5.2.4-2.oe2203sp1.noarch.rpm",
+									"name":"python3-assimp-5.2.4-2.oe2203sp1.noarch.rpm"
+								},
+								"name":"python3-assimp-5.2.4-2.oe2203sp1.noarch.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"assimp-5.2.4-2.oe2203sp1.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:assimp-5.2.4-2.oe2203sp1.aarch64",
+					"name":"assimp-5.2.4-2.oe2203sp1.aarch64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"assimp-debuginfo-5.2.4-2.oe2203sp1.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:assimp-debuginfo-5.2.4-2.oe2203sp1.aarch64",
+					"name":"assimp-debuginfo-5.2.4-2.oe2203sp1.aarch64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"assimp-debugsource-5.2.4-2.oe2203sp1.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:assimp-debugsource-5.2.4-2.oe2203sp1.aarch64",
+					"name":"assimp-debugsource-5.2.4-2.oe2203sp1.aarch64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"assimp-devel-5.2.4-2.oe2203sp1.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:assimp-devel-5.2.4-2.oe2203sp1.aarch64",
+					"name":"assimp-devel-5.2.4-2.oe2203sp1.aarch64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"assimp-5.2.4-2.oe2203sp1.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:assimp-5.2.4-2.oe2203sp1.src",
+					"name":"assimp-5.2.4-2.oe2203sp1.src as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"assimp-5.2.4-2.oe2203sp1.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:assimp-5.2.4-2.oe2203sp1.x86_64",
+					"name":"assimp-5.2.4-2.oe2203sp1.x86_64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"assimp-debuginfo-5.2.4-2.oe2203sp1.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:assimp-debuginfo-5.2.4-2.oe2203sp1.x86_64",
+					"name":"assimp-debuginfo-5.2.4-2.oe2203sp1.x86_64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"assimp-debugsource-5.2.4-2.oe2203sp1.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:assimp-debugsource-5.2.4-2.oe2203sp1.x86_64",
+					"name":"assimp-debugsource-5.2.4-2.oe2203sp1.x86_64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"assimp-devel-5.2.4-2.oe2203sp1.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:assimp-devel-5.2.4-2.oe2203sp1.x86_64",
+					"name":"assimp-devel-5.2.4-2.oe2203sp1.x86_64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"assimp-help-5.2.4-2.oe2203sp1.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:assimp-help-5.2.4-2.oe2203sp1.noarch",
+					"name":"assimp-help-5.2.4-2.oe2203sp1.noarch as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"python3-assimp-5.2.4-2.oe2203sp1.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:python3-assimp-5.2.4-2.oe2203sp1.noarch",
+					"name":"python3-assimp-5.2.4-2.oe2203sp1.noarch as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2024-40724",
+			"notes":[
+				{
+					"text":"Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP1:assimp-5.2.4-2.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:assimp-debuginfo-5.2.4-2.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:assimp-debugsource-5.2.4-2.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:assimp-devel-5.2.4-2.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:assimp-5.2.4-2.oe2203sp1.src",
+					"openEuler-22.03-LTS-SP1:assimp-5.2.4-2.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:assimp-debuginfo-5.2.4-2.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:assimp-debugsource-5.2.4-2.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:assimp-devel-5.2.4-2.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:assimp-help-5.2.4-2.oe2203sp1.noarch",
+					"openEuler-22.03-LTS-SP1:python3-assimp-5.2.4-2.oe2203sp1.noarch"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP1:assimp-5.2.4-2.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:assimp-debuginfo-5.2.4-2.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:assimp-debugsource-5.2.4-2.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:assimp-devel-5.2.4-2.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:assimp-5.2.4-2.oe2203sp1.src",
+						"openEuler-22.03-LTS-SP1:assimp-5.2.4-2.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:assimp-debuginfo-5.2.4-2.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:assimp-debugsource-5.2.4-2.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:assimp-devel-5.2.4-2.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:assimp-help-5.2.4-2.oe2203sp1.noarch",
+						"openEuler-22.03-LTS-SP1:python3-assimp-5.2.4-2.oe2203sp1.noarch"
+					],
+					"details":"assimp security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1913"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"HIGH",
+						"baseScore":7.8,
+						"vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP1:assimp-5.2.4-2.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:assimp-debuginfo-5.2.4-2.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:assimp-debugsource-5.2.4-2.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:assimp-devel-5.2.4-2.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:assimp-5.2.4-2.oe2203sp1.src",
+						"openEuler-22.03-LTS-SP1:assimp-5.2.4-2.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:assimp-debuginfo-5.2.4-2.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:assimp-debugsource-5.2.4-2.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:assimp-devel-5.2.4-2.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:assimp-help-5.2.4-2.oe2203sp1.noarch",
+						"openEuler-22.03-LTS-SP1:python3-assimp-5.2.4-2.oe2203sp1.noarch"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"High",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-40724"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1914.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1914.json
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1915.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1915.json
@ -0,0 +1,264 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"High"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"avro security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for avro is now available for openEuler-20.03-LTS-SP4.",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"Apache Avro is a data serialization system.\n\nSecurity Fix(es):\n\nWhen deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system.\n\nThis issue affects Java applications using Apache Avro Java SDK up to and including 1.11.2.  Users should update to apache-avro version 1.11.3 which addresses this issue.\n\n(CVE-2023-39410)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for avro is now available for openEuler-20.03-LTS-SP4.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"High",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"avro",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1915",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/security-bulletins/detail?id=openEuler-SA-2024-1915"
+			},
+			{
+				"summary":"CVE-2023-39410",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-39410&packageName=avro"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-39410"
+			},
+			{
+				"summary":"openEuler-SA-2024-1915 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1915.json"
+			}
+		],
+		"title":"An update for avro is now available for openEuler-20.03-LTS-SP4",
+		"tracking":{
+			"initial_release_date":"2024-08-02T19:41:45+08:00",
+			"revision_history":[
+				{
+					"date":"2024-08-02T19:41:45+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				},
+        {
+					"date":"2024-08-05T11:30:23+08:00",
+					"summary":"final",
+					"number":"2.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-08-05T11:30:23+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-08-05T11:30:23+08:00",
+			"id":"openEuler-SA-2024-1915",
+			"version":"2.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"openEuler-20.03-LTS-SP4",
+									"name":"openEuler-20.03-LTS-SP4"
+								},
+								"name":"openEuler-20.03-LTS-SP4",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"avro-1.10.2-5.oe2003sp4.aarch64.rpm",
+									"name":"avro-1.10.2-5.oe2003sp4.aarch64.rpm"
+								},
+								"name":"avro-1.10.2-5.oe2003sp4.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"avro-1.10.2-5.oe2003sp4.src.rpm",
+									"name":"avro-1.10.2-5.oe2003sp4.src.rpm"
+								},
+								"name":"avro-1.10.2-5.oe2003sp4.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"avro-1.10.2-5.oe2003sp4.x86_64.rpm",
+									"name":"avro-1.10.2-5.oe2003sp4.x86_64.rpm"
+								},
+								"name":"avro-1.10.2-5.oe2003sp4.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"avro-1.10.2-5.oe2003sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:avro-1.10.2-5.oe2003sp4.aarch64",
+					"name":"avro-1.10.2-5.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"avro-1.10.2-5.oe2003sp4.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:avro-1.10.2-5.oe2003sp4.src",
+					"name":"avro-1.10.2-5.oe2003sp4.src as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"avro-1.10.2-5.oe2003sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:avro-1.10.2-5.oe2003sp4.x86_64",
+					"name":"avro-1.10.2-5.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2023-39410",
+			"notes":[
+				{
+					"text":"When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system.This issue affects Java applications using Apache Avro Java SDK up to and including 1.11.2.  Users should update to apache-avro version 1.11.3 which addresses this issue.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-20.03-LTS-SP4:avro-1.10.2-5.oe2003sp4.aarch64",
+					"openEuler-20.03-LTS-SP4:avro-1.10.2-5.oe2003sp4.src",
+					"openEuler-20.03-LTS-SP4:avro-1.10.2-5.oe2003sp4.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-20.03-LTS-SP4:avro-1.10.2-5.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:avro-1.10.2-5.oe2003sp4.src",
+						"openEuler-20.03-LTS-SP4:avro-1.10.2-5.oe2003sp4.x86_64"
+					],
+					"details":"avro security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1915"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"HIGH",
+						"baseScore":7.5,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-20.03-LTS-SP4:avro-1.10.2-5.oe2003sp4.aarch64",
+						"openEuler-20.03-LTS-SP4:avro-1.10.2-5.oe2003sp4.src",
+						"openEuler-20.03-LTS-SP4:avro-1.10.2-5.oe2003sp4.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"High",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2023-39410"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1916.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1916.json
@ -0,0 +1,264 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"High"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"avro security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for avro is now available for openEuler-22.03-LTS-SP3.",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"Apache Avro is a data serialization system.\n\nSecurity Fix(es):\n\nWhen deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system.\n\nThis issue affects Java applications using Apache Avro Java SDK up to and including 1.11.2.  Users should update to apache-avro version 1.11.3 which addresses this issue.\n\n(CVE-2023-39410)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for avro is now available for openEuler-22.03-LTS-SP3.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"High",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"avro",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1916",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/security-bulletins/detail?id=openEuler-SA-2024-1916"
+			},
+			{
+				"summary":"CVE-2023-39410",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-39410&packageName=avro"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-39410"
+			},
+			{
+				"summary":"openEuler-SA-2024-1916 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1916.json"
+			}
+		],
+		"title":"An update for avro is now available for openEuler-22.03-LTS-SP3",
+		"tracking":{
+			"initial_release_date":"2024-08-02T19:41:47+08:00",
+			"revision_history":[
+				{
+					"date":"2024-08-02T19:41:47+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				},
+        {
+					"date":"2024-08-05T11:30:37+08:00",
+					"summary":"final",
+					"number":"2.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-08-05T11:30:37+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-08-02T19:41:47+08:00",
+			"id":"openEuler-SA-2024-1916",
+			"version":"2.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"openEuler-22.03-LTS-SP3",
+									"name":"openEuler-22.03-LTS-SP3"
+								},
+								"name":"openEuler-22.03-LTS-SP3",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"avro-1.10.2-5.oe2203sp3.aarch64.rpm",
+									"name":"avro-1.10.2-5.oe2203sp3.aarch64.rpm"
+								},
+								"name":"avro-1.10.2-5.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"avro-1.10.2-5.oe2203sp3.src.rpm",
+									"name":"avro-1.10.2-5.oe2203sp3.src.rpm"
+								},
+								"name":"avro-1.10.2-5.oe2203sp3.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"avro-1.10.2-5.oe2203sp3.x86_64.rpm",
+									"name":"avro-1.10.2-5.oe2203sp3.x86_64.rpm"
+								},
+								"name":"avro-1.10.2-5.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"avro-1.10.2-5.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:avro-1.10.2-5.oe2203sp3.aarch64",
+					"name":"avro-1.10.2-5.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"avro-1.10.2-5.oe2203sp3.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:avro-1.10.2-5.oe2203sp3.src",
+					"name":"avro-1.10.2-5.oe2203sp3.src as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"avro-1.10.2-5.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:avro-1.10.2-5.oe2203sp3.x86_64",
+					"name":"avro-1.10.2-5.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2023-39410",
+			"notes":[
+				{
+					"text":"When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system.This issue affects Java applications using Apache Avro Java SDK up to and including 1.11.2.  Users should update to apache-avro version 1.11.3 which addresses this issue.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP3:avro-1.10.2-5.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:avro-1.10.2-5.oe2203sp3.src",
+					"openEuler-22.03-LTS-SP3:avro-1.10.2-5.oe2203sp3.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP3:avro-1.10.2-5.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:avro-1.10.2-5.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:avro-1.10.2-5.oe2203sp3.x86_64"
+					],
+					"details":"avro security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1916"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"HIGH",
+						"baseScore":7.5,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP3:avro-1.10.2-5.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:avro-1.10.2-5.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:avro-1.10.2-5.oe2203sp3.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"High",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2023-39410"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1917.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1917.json
@ -0,0 +1,264 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"High"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"avro security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for avro is now available for openEuler-22.03-LTS-SP4.",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"Apache Avro is a data serialization system.\n\nSecurity Fix(es):\n\nWhen deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system.\n\nThis issue affects Java applications using Apache Avro Java SDK up to and including 1.11.2.  Users should update to apache-avro version 1.11.3 which addresses this issue.\n\n(CVE-2023-39410)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for avro is now available for openEuler-22.03-LTS-SP4.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"High",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"avro",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1917",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/security-bulletins/detail?id=openEuler-SA-2024-1917"
+			},
+			{
+				"summary":"CVE-2023-39410",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-39410&packageName=avro"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-39410"
+			},
+			{
+				"summary":"openEuler-SA-2024-1917 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1917.json"
+			}
+		],
+		"title":"An update for avro is now available for openEuler-22.03-LTS-SP4",
+		"tracking":{
+			"initial_release_date":"2024-08-02T19:41:48+08:00",
+			"revision_history":[
+				{
+					"date":"2024-08-02T19:41:48+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				},
+        {
+					"date":"2024-08-05T11:30:38+08:00",
+					"summary":"final",
+					"number":"2.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-08-05T11:30:38+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-08-05T11:30:38+08:00",
+			"id":"openEuler-SA-2024-1917",
+			"version":"2.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"openEuler-22.03-LTS-SP4",
+									"name":"openEuler-22.03-LTS-SP4"
+								},
+								"name":"openEuler-22.03-LTS-SP4",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"avro-1.10.2-5.oe2203sp4.aarch64.rpm",
+									"name":"avro-1.10.2-5.oe2203sp4.aarch64.rpm"
+								},
+								"name":"avro-1.10.2-5.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"avro-1.10.2-5.oe2203sp4.src.rpm",
+									"name":"avro-1.10.2-5.oe2203sp4.src.rpm"
+								},
+								"name":"avro-1.10.2-5.oe2203sp4.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"avro-1.10.2-5.oe2203sp4.x86_64.rpm",
+									"name":"avro-1.10.2-5.oe2203sp4.x86_64.rpm"
+								},
+								"name":"avro-1.10.2-5.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"avro-1.10.2-5.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:avro-1.10.2-5.oe2203sp4.aarch64",
+					"name":"avro-1.10.2-5.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"avro-1.10.2-5.oe2203sp4.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:avro-1.10.2-5.oe2203sp4.src",
+					"name":"avro-1.10.2-5.oe2203sp4.src as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"avro-1.10.2-5.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:avro-1.10.2-5.oe2203sp4.x86_64",
+					"name":"avro-1.10.2-5.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2023-39410",
+			"notes":[
+				{
+					"text":"When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system.This issue affects Java applications using Apache Avro Java SDK up to and including 1.11.2.  Users should update to apache-avro version 1.11.3 which addresses this issue.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP4:avro-1.10.2-5.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:avro-1.10.2-5.oe2203sp4.src",
+					"openEuler-22.03-LTS-SP4:avro-1.10.2-5.oe2203sp4.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP4:avro-1.10.2-5.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:avro-1.10.2-5.oe2203sp4.src",
+						"openEuler-22.03-LTS-SP4:avro-1.10.2-5.oe2203sp4.x86_64"
+					],
+					"details":"avro security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1917"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"HIGH",
+						"baseScore":7.5,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP4:avro-1.10.2-5.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:avro-1.10.2-5.oe2203sp4.src",
+						"openEuler-22.03-LTS-SP4:avro-1.10.2-5.oe2203sp4.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"High",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2023-39410"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1918.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1918.json
@ -0,0 +1,264 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"High"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"avro security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for avro is now available for openEuler-24.03-LTS.",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"Apache Avro is a data serialization system.\n\nSecurity Fix(es):\n\nWhen deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system.\n\nThis issue affects Java applications using Apache Avro Java SDK up to and including 1.11.2.  Users should update to apache-avro version 1.11.3 which addresses this issue.\n\n(CVE-2023-39410)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for avro is now available for openEuler-24.03-LTS.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"High",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"avro",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1918",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/security-bulletins/detail?id=openEuler-SA-2024-1918"
+			},
+			{
+				"summary":"CVE-2023-39410",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-39410&packageName=avro"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-39410"
+			},
+			{
+				"summary":"openEuler-SA-2024-1918 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1918.json"
+			}
+		],
+		"title":"An update for avro is now available for openEuler-24.03-LTS",
+		"tracking":{
+			"initial_release_date":"2024-08-02T19:41:49+08:00",
+			"revision_history":[
+				{
+					"date":"2024-08-02T19:41:49+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				},
+        {
+					"date":"2024-08-05T11:30:39+08:00",
+					"summary":"final",
+					"number":"2.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-08-05T11:30:39+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-08-05T11:30:39+08:00",
+			"id":"openEuler-SA-2024-1918",
+			"version":"2.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"openEuler-24.03-LTS",
+									"name":"openEuler-24.03-LTS"
+								},
+								"name":"openEuler-24.03-LTS",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"avro-1.10.2-5.oe2403.aarch64.rpm",
+									"name":"avro-1.10.2-5.oe2403.aarch64.rpm"
+								},
+								"name":"avro-1.10.2-5.oe2403.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"avro-1.10.2-5.oe2403.src.rpm",
+									"name":"avro-1.10.2-5.oe2403.src.rpm"
+								},
+								"name":"avro-1.10.2-5.oe2403.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"avro-1.10.2-5.oe2403.x86_64.rpm",
+									"name":"avro-1.10.2-5.oe2403.x86_64.rpm"
+								},
+								"name":"avro-1.10.2-5.oe2403.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"avro-1.10.2-5.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:avro-1.10.2-5.oe2403.aarch64",
+					"name":"avro-1.10.2-5.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"avro-1.10.2-5.oe2403.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:avro-1.10.2-5.oe2403.src",
+					"name":"avro-1.10.2-5.oe2403.src as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"avro-1.10.2-5.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:avro-1.10.2-5.oe2403.x86_64",
+					"name":"avro-1.10.2-5.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2023-39410",
+			"notes":[
+				{
+					"text":"When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system.This issue affects Java applications using Apache Avro Java SDK up to and including 1.11.2.  Users should update to apache-avro version 1.11.3 which addresses this issue.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-24.03-LTS:avro-1.10.2-5.oe2403.aarch64",
+					"openEuler-24.03-LTS:avro-1.10.2-5.oe2403.src",
+					"openEuler-24.03-LTS:avro-1.10.2-5.oe2403.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-24.03-LTS:avro-1.10.2-5.oe2403.aarch64",
+						"openEuler-24.03-LTS:avro-1.10.2-5.oe2403.src",
+						"openEuler-24.03-LTS:avro-1.10.2-5.oe2403.x86_64"
+					],
+					"details":"avro security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1918"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"HIGH",
+						"baseScore":7.5,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-24.03-LTS:avro-1.10.2-5.oe2403.aarch64",
+						"openEuler-24.03-LTS:avro-1.10.2-5.oe2403.src",
+						"openEuler-24.03-LTS:avro-1.10.2-5.oe2403.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"High",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2023-39410"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1919.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1919.json
@ -0,0 +1,966 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"Medium"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"mysql security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for mysql is now available for openEuler-22.03-LTS-SP1.",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"The MySQL(TM) software delivers a very fast, multi-threaded, multi-user, and robust SQL (Structured Query Language) database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of Oracle and/or its affiliates\n\nSecurity Fix(es):\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).  Supported versions that are affected are 8.0.37 and prior and  8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2024-20996)\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).  Supported versions that are affected are 8.0.36 and prior and  8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2024-21135)\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).  Supported versions that are affected are 8.0.37 and prior and  8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2024-21162)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for mysql is now available for openEuler-22.03-LTS-SP1.\n\nopenEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"Medium",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"mysql",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1919",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/security-bulletins/detail?id=openEuler-SA-2024-1919"
+			},
+			{
+				"summary":"CVE-2024-20996",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-20996&packageName=mysql"
+			},
+			{
+				"summary":"CVE-2024-21135",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-21135&packageName=mysql"
+			},
+			{
+				"summary":"CVE-2024-21162",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-21162&packageName=mysql"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-20996"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-21135"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-21162"
+			},
+			{
+				"summary":"openEuler-SA-2024-1919 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1919.json"
+			}
+		],
+		"title":"An update for mysql is now available for openEuler-22.03-LTS-SP1",
+		"tracking":{
+			"initial_release_date":"2024-08-02T19:41:50+08:00",
+			"revision_history":[
+				{
+					"date":"2024-08-02T19:41:50+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				},
+        {
+					"date":"2024-08-05T11:30:50+08:00",
+					"summary":"final",
+					"number":"2.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-08-05T11:30:50+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-08-05T11:30:50+08:00",
+			"id":"openEuler-SA-2024-1919",
+			"version":"2.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"openEuler-22.03-LTS-SP1",
+									"name":"openEuler-22.03-LTS-SP1"
+								},
+								"name":"openEuler-22.03-LTS-SP1",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"mysql-debugsource-8.0.38-1.oe2203sp1.aarch64.rpm",
+									"name":"mysql-debugsource-8.0.38-1.oe2203sp1.aarch64.rpm"
+								},
+								"name":"mysql-debugsource-8.0.38-1.oe2203sp1.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"mysql-test-8.0.38-1.oe2203sp1.aarch64.rpm",
+									"name":"mysql-test-8.0.38-1.oe2203sp1.aarch64.rpm"
+								},
+								"name":"mysql-test-8.0.38-1.oe2203sp1.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"mysql-libs-8.0.38-1.oe2203sp1.aarch64.rpm",
+									"name":"mysql-libs-8.0.38-1.oe2203sp1.aarch64.rpm"
+								},
+								"name":"mysql-libs-8.0.38-1.oe2203sp1.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"mysql-server-8.0.38-1.oe2203sp1.aarch64.rpm",
+									"name":"mysql-server-8.0.38-1.oe2203sp1.aarch64.rpm"
+								},
+								"name":"mysql-server-8.0.38-1.oe2203sp1.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"mysql-config-8.0.38-1.oe2203sp1.aarch64.rpm",
+									"name":"mysql-config-8.0.38-1.oe2203sp1.aarch64.rpm"
+								},
+								"name":"mysql-config-8.0.38-1.oe2203sp1.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"mysql-errmsg-8.0.38-1.oe2203sp1.aarch64.rpm",
+									"name":"mysql-errmsg-8.0.38-1.oe2203sp1.aarch64.rpm"
+								},
+								"name":"mysql-errmsg-8.0.38-1.oe2203sp1.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"mysql-devel-8.0.38-1.oe2203sp1.aarch64.rpm",
+									"name":"mysql-devel-8.0.38-1.oe2203sp1.aarch64.rpm"
+								},
+								"name":"mysql-devel-8.0.38-1.oe2203sp1.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"mysql-8.0.38-1.oe2203sp1.aarch64.rpm",
+									"name":"mysql-8.0.38-1.oe2203sp1.aarch64.rpm"
+								},
+								"name":"mysql-8.0.38-1.oe2203sp1.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"mysql-common-8.0.38-1.oe2203sp1.aarch64.rpm",
+									"name":"mysql-common-8.0.38-1.oe2203sp1.aarch64.rpm"
+								},
+								"name":"mysql-common-8.0.38-1.oe2203sp1.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"mysql-help-8.0.38-1.oe2203sp1.aarch64.rpm",
+									"name":"mysql-help-8.0.38-1.oe2203sp1.aarch64.rpm"
+								},
+								"name":"mysql-help-8.0.38-1.oe2203sp1.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"mysql-debuginfo-8.0.38-1.oe2203sp1.aarch64.rpm",
+									"name":"mysql-debuginfo-8.0.38-1.oe2203sp1.aarch64.rpm"
+								},
+								"name":"mysql-debuginfo-8.0.38-1.oe2203sp1.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"mysql-8.0.38-1.oe2203sp1.src.rpm",
+									"name":"mysql-8.0.38-1.oe2203sp1.src.rpm"
+								},
+								"name":"mysql-8.0.38-1.oe2203sp1.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"mysql-debugsource-8.0.38-1.oe2203sp1.x86_64.rpm",
+									"name":"mysql-debugsource-8.0.38-1.oe2203sp1.x86_64.rpm"
+								},
+								"name":"mysql-debugsource-8.0.38-1.oe2203sp1.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"mysql-8.0.38-1.oe2203sp1.x86_64.rpm",
+									"name":"mysql-8.0.38-1.oe2203sp1.x86_64.rpm"
+								},
+								"name":"mysql-8.0.38-1.oe2203sp1.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"mysql-server-8.0.38-1.oe2203sp1.x86_64.rpm",
+									"name":"mysql-server-8.0.38-1.oe2203sp1.x86_64.rpm"
+								},
+								"name":"mysql-server-8.0.38-1.oe2203sp1.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"mysql-help-8.0.38-1.oe2203sp1.x86_64.rpm",
+									"name":"mysql-help-8.0.38-1.oe2203sp1.x86_64.rpm"
+								},
+								"name":"mysql-help-8.0.38-1.oe2203sp1.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"mysql-common-8.0.38-1.oe2203sp1.x86_64.rpm",
+									"name":"mysql-common-8.0.38-1.oe2203sp1.x86_64.rpm"
+								},
+								"name":"mysql-common-8.0.38-1.oe2203sp1.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"mysql-libs-8.0.38-1.oe2203sp1.x86_64.rpm",
+									"name":"mysql-libs-8.0.38-1.oe2203sp1.x86_64.rpm"
+								},
+								"name":"mysql-libs-8.0.38-1.oe2203sp1.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"mysql-devel-8.0.38-1.oe2203sp1.x86_64.rpm",
+									"name":"mysql-devel-8.0.38-1.oe2203sp1.x86_64.rpm"
+								},
+								"name":"mysql-devel-8.0.38-1.oe2203sp1.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"mysql-errmsg-8.0.38-1.oe2203sp1.x86_64.rpm",
+									"name":"mysql-errmsg-8.0.38-1.oe2203sp1.x86_64.rpm"
+								},
+								"name":"mysql-errmsg-8.0.38-1.oe2203sp1.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"mysql-debuginfo-8.0.38-1.oe2203sp1.x86_64.rpm",
+									"name":"mysql-debuginfo-8.0.38-1.oe2203sp1.x86_64.rpm"
+								},
+								"name":"mysql-debuginfo-8.0.38-1.oe2203sp1.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"mysql-test-8.0.38-1.oe2203sp1.x86_64.rpm",
+									"name":"mysql-test-8.0.38-1.oe2203sp1.x86_64.rpm"
+								},
+								"name":"mysql-test-8.0.38-1.oe2203sp1.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"mysql-config-8.0.38-1.oe2203sp1.x86_64.rpm",
+									"name":"mysql-config-8.0.38-1.oe2203sp1.x86_64.rpm"
+								},
+								"name":"mysql-config-8.0.38-1.oe2203sp1.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"mysql-debugsource-8.0.38-1.oe2203sp1.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:mysql-debugsource-8.0.38-1.oe2203sp1.aarch64",
+					"name":"mysql-debugsource-8.0.38-1.oe2203sp1.aarch64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"mysql-test-8.0.38-1.oe2203sp1.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:mysql-test-8.0.38-1.oe2203sp1.aarch64",
+					"name":"mysql-test-8.0.38-1.oe2203sp1.aarch64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"mysql-libs-8.0.38-1.oe2203sp1.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:mysql-libs-8.0.38-1.oe2203sp1.aarch64",
+					"name":"mysql-libs-8.0.38-1.oe2203sp1.aarch64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"mysql-server-8.0.38-1.oe2203sp1.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:mysql-server-8.0.38-1.oe2203sp1.aarch64",
+					"name":"mysql-server-8.0.38-1.oe2203sp1.aarch64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"mysql-config-8.0.38-1.oe2203sp1.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:mysql-config-8.0.38-1.oe2203sp1.aarch64",
+					"name":"mysql-config-8.0.38-1.oe2203sp1.aarch64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"mysql-errmsg-8.0.38-1.oe2203sp1.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:mysql-errmsg-8.0.38-1.oe2203sp1.aarch64",
+					"name":"mysql-errmsg-8.0.38-1.oe2203sp1.aarch64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"mysql-devel-8.0.38-1.oe2203sp1.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:mysql-devel-8.0.38-1.oe2203sp1.aarch64",
+					"name":"mysql-devel-8.0.38-1.oe2203sp1.aarch64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"mysql-8.0.38-1.oe2203sp1.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.aarch64",
+					"name":"mysql-8.0.38-1.oe2203sp1.aarch64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"mysql-common-8.0.38-1.oe2203sp1.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:mysql-common-8.0.38-1.oe2203sp1.aarch64",
+					"name":"mysql-common-8.0.38-1.oe2203sp1.aarch64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"mysql-help-8.0.38-1.oe2203sp1.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:mysql-help-8.0.38-1.oe2203sp1.aarch64",
+					"name":"mysql-help-8.0.38-1.oe2203sp1.aarch64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"mysql-debuginfo-8.0.38-1.oe2203sp1.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:mysql-debuginfo-8.0.38-1.oe2203sp1.aarch64",
+					"name":"mysql-debuginfo-8.0.38-1.oe2203sp1.aarch64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"mysql-8.0.38-1.oe2203sp1.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.src",
+					"name":"mysql-8.0.38-1.oe2203sp1.src as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"mysql-debugsource-8.0.38-1.oe2203sp1.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:mysql-debugsource-8.0.38-1.oe2203sp1.x86_64",
+					"name":"mysql-debugsource-8.0.38-1.oe2203sp1.x86_64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"mysql-8.0.38-1.oe2203sp1.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.x86_64",
+					"name":"mysql-8.0.38-1.oe2203sp1.x86_64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"mysql-server-8.0.38-1.oe2203sp1.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:mysql-server-8.0.38-1.oe2203sp1.x86_64",
+					"name":"mysql-server-8.0.38-1.oe2203sp1.x86_64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"mysql-help-8.0.38-1.oe2203sp1.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:mysql-help-8.0.38-1.oe2203sp1.x86_64",
+					"name":"mysql-help-8.0.38-1.oe2203sp1.x86_64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"mysql-common-8.0.38-1.oe2203sp1.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:mysql-common-8.0.38-1.oe2203sp1.x86_64",
+					"name":"mysql-common-8.0.38-1.oe2203sp1.x86_64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"mysql-libs-8.0.38-1.oe2203sp1.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:mysql-libs-8.0.38-1.oe2203sp1.x86_64",
+					"name":"mysql-libs-8.0.38-1.oe2203sp1.x86_64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"mysql-devel-8.0.38-1.oe2203sp1.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:mysql-devel-8.0.38-1.oe2203sp1.x86_64",
+					"name":"mysql-devel-8.0.38-1.oe2203sp1.x86_64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"mysql-errmsg-8.0.38-1.oe2203sp1.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:mysql-errmsg-8.0.38-1.oe2203sp1.x86_64",
+					"name":"mysql-errmsg-8.0.38-1.oe2203sp1.x86_64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"mysql-debuginfo-8.0.38-1.oe2203sp1.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:mysql-debuginfo-8.0.38-1.oe2203sp1.x86_64",
+					"name":"mysql-debuginfo-8.0.38-1.oe2203sp1.x86_64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"mysql-test-8.0.38-1.oe2203sp1.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:mysql-test-8.0.38-1.oe2203sp1.x86_64",
+					"name":"mysql-test-8.0.38-1.oe2203sp1.x86_64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"mysql-config-8.0.38-1.oe2203sp1.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:mysql-config-8.0.38-1.oe2203sp1.x86_64",
+					"name":"mysql-config-8.0.38-1.oe2203sp1.x86_64 as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2024-20996",
+			"notes":[
+				{
+					"text":"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).  Supported versions that are affected are 8.0.37 and prior and  8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP1:mysql-debugsource-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-test-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-libs-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-server-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-config-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-errmsg-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-devel-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-common-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-help-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-debuginfo-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.src",
+					"openEuler-22.03-LTS-SP1:mysql-debugsource-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-server-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-help-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-common-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-libs-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-devel-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-errmsg-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-debuginfo-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-test-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-config-8.0.38-1.oe2203sp1.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP1:mysql-debugsource-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-test-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-libs-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-server-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-config-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-errmsg-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-devel-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-common-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-help-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-debuginfo-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.src",
+						"openEuler-22.03-LTS-SP1:mysql-debugsource-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-server-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-help-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-common-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-libs-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-devel-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-errmsg-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-debuginfo-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-test-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-config-8.0.38-1.oe2203sp1.x86_64"
+					],
+					"details":"mysql security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1919"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":4.9,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP1:mysql-debugsource-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-test-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-libs-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-server-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-config-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-errmsg-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-devel-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-common-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-help-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-debuginfo-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.src",
+						"openEuler-22.03-LTS-SP1:mysql-debugsource-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-server-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-help-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-common-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-libs-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-devel-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-errmsg-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-debuginfo-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-test-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-config-8.0.38-1.oe2203sp1.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-20996"
+		},
+		{
+			"cve":"CVE-2024-21135",
+			"notes":[
+				{
+					"text":"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).  Supported versions that are affected are 8.0.36 and prior and  8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP1:mysql-debugsource-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-test-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-libs-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-server-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-config-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-errmsg-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-devel-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-common-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-help-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-debuginfo-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.src",
+					"openEuler-22.03-LTS-SP1:mysql-debugsource-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-server-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-help-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-common-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-libs-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-devel-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-errmsg-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-debuginfo-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-test-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-config-8.0.38-1.oe2203sp1.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP1:mysql-debugsource-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-test-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-libs-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-server-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-config-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-errmsg-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-devel-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-common-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-help-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-debuginfo-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.src",
+						"openEuler-22.03-LTS-SP1:mysql-debugsource-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-server-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-help-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-common-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-libs-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-devel-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-errmsg-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-debuginfo-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-test-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-config-8.0.38-1.oe2203sp1.x86_64"
+					],
+					"details":"mysql security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1919"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":4.9,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP1:mysql-debugsource-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-test-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-libs-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-server-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-config-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-errmsg-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-devel-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-common-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-help-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-debuginfo-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.src",
+						"openEuler-22.03-LTS-SP1:mysql-debugsource-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-server-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-help-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-common-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-libs-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-devel-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-errmsg-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-debuginfo-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-test-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-config-8.0.38-1.oe2203sp1.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-21135"
+		},
+		{
+			"cve":"CVE-2024-21162",
+			"notes":[
+				{
+					"text":"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).  Supported versions that are affected are 8.0.37 and prior and  8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP1:mysql-debugsource-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-test-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-libs-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-server-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-config-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-errmsg-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-devel-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-common-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-help-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-debuginfo-8.0.38-1.oe2203sp1.aarch64",
+					"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.src",
+					"openEuler-22.03-LTS-SP1:mysql-debugsource-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-server-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-help-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-common-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-libs-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-devel-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-errmsg-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-debuginfo-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-test-8.0.38-1.oe2203sp1.x86_64",
+					"openEuler-22.03-LTS-SP1:mysql-config-8.0.38-1.oe2203sp1.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP1:mysql-debugsource-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-test-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-libs-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-server-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-config-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-errmsg-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-devel-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-common-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-help-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-debuginfo-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.src",
+						"openEuler-22.03-LTS-SP1:mysql-debugsource-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-server-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-help-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-common-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-libs-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-devel-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-errmsg-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-debuginfo-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-test-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-config-8.0.38-1.oe2203sp1.x86_64"
+					],
+					"details":"mysql security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1919"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":4.9,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP1:mysql-debugsource-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-test-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-libs-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-server-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-config-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-errmsg-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-devel-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-common-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-help-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-debuginfo-8.0.38-1.oe2203sp1.aarch64",
+						"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.src",
+						"openEuler-22.03-LTS-SP1:mysql-debugsource-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-server-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-help-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-common-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-libs-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-devel-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-errmsg-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-debuginfo-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-test-8.0.38-1.oe2203sp1.x86_64",
+						"openEuler-22.03-LTS-SP1:mysql-config-8.0.38-1.oe2203sp1.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-21162"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1920.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1920.json
@ -0,0 +1,966 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"Medium"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"mysql security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for mysql is now available for openEuler-22.03-LTS-SP3.",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"The MySQL(TM) software delivers a very fast, multi-threaded, multi-user, and robust SQL (Structured Query Language) database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of Oracle and/or its affiliates\n\nSecurity Fix(es):\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).  Supported versions that are affected are 8.0.37 and prior and  8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2024-20996)\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).  Supported versions that are affected are 8.0.36 and prior and  8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2024-21135)\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).  Supported versions that are affected are 8.0.37 and prior and  8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2024-21162)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for mysql is now available for openEuler-22.03-LTS-SP3.\n\nopenEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"Medium",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"mysql",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1920",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/security-bulletins/detail?id=openEuler-SA-2024-1920"
+			},
+			{
+				"summary":"CVE-2024-20996",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-20996&packageName=mysql"
+			},
+			{
+				"summary":"CVE-2024-21135",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-21135&packageName=mysql"
+			},
+			{
+				"summary":"CVE-2024-21162",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-21162&packageName=mysql"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-20996"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-21135"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-21162"
+			},
+			{
+				"summary":"openEuler-SA-2024-1920 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1920.json"
+			}
+		],
+		"title":"An update for mysql is now available for openEuler-22.03-LTS-SP3",
+		"tracking":{
+			"initial_release_date":"2024-08-02T19:41:52+08:00",
+			"revision_history":[
+				{
+					"date":"2024-08-02T19:41:52+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				},
+        {
+					"date":"2024-08-05T11:30:52+08:00",
+					"summary":"final",
+					"number":"2.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-08-05T11:30:52+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-08-05T11:30:52+08:00",
+			"id":"openEuler-SA-2024-1920",
+			"version":"2.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"openEuler-22.03-LTS-SP3",
+									"name":"openEuler-22.03-LTS-SP3"
+								},
+								"name":"openEuler-22.03-LTS-SP3",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mysql-libs-8.0.38-1.oe2203sp3.aarch64.rpm",
+									"name":"mysql-libs-8.0.38-1.oe2203sp3.aarch64.rpm"
+								},
+								"name":"mysql-libs-8.0.38-1.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mysql-help-8.0.38-1.oe2203sp3.aarch64.rpm",
+									"name":"mysql-help-8.0.38-1.oe2203sp3.aarch64.rpm"
+								},
+								"name":"mysql-help-8.0.38-1.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mysql-test-8.0.38-1.oe2203sp3.aarch64.rpm",
+									"name":"mysql-test-8.0.38-1.oe2203sp3.aarch64.rpm"
+								},
+								"name":"mysql-test-8.0.38-1.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mysql-8.0.38-1.oe2203sp3.aarch64.rpm",
+									"name":"mysql-8.0.38-1.oe2203sp3.aarch64.rpm"
+								},
+								"name":"mysql-8.0.38-1.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mysql-debugsource-8.0.38-1.oe2203sp3.aarch64.rpm",
+									"name":"mysql-debugsource-8.0.38-1.oe2203sp3.aarch64.rpm"
+								},
+								"name":"mysql-debugsource-8.0.38-1.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mysql-common-8.0.38-1.oe2203sp3.aarch64.rpm",
+									"name":"mysql-common-8.0.38-1.oe2203sp3.aarch64.rpm"
+								},
+								"name":"mysql-common-8.0.38-1.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mysql-server-8.0.38-1.oe2203sp3.aarch64.rpm",
+									"name":"mysql-server-8.0.38-1.oe2203sp3.aarch64.rpm"
+								},
+								"name":"mysql-server-8.0.38-1.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mysql-errmsg-8.0.38-1.oe2203sp3.aarch64.rpm",
+									"name":"mysql-errmsg-8.0.38-1.oe2203sp3.aarch64.rpm"
+								},
+								"name":"mysql-errmsg-8.0.38-1.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mysql-config-8.0.38-1.oe2203sp3.aarch64.rpm",
+									"name":"mysql-config-8.0.38-1.oe2203sp3.aarch64.rpm"
+								},
+								"name":"mysql-config-8.0.38-1.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mysql-debuginfo-8.0.38-1.oe2203sp3.aarch64.rpm",
+									"name":"mysql-debuginfo-8.0.38-1.oe2203sp3.aarch64.rpm"
+								},
+								"name":"mysql-debuginfo-8.0.38-1.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mysql-devel-8.0.38-1.oe2203sp3.aarch64.rpm",
+									"name":"mysql-devel-8.0.38-1.oe2203sp3.aarch64.rpm"
+								},
+								"name":"mysql-devel-8.0.38-1.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mysql-8.0.38-1.oe2203sp3.src.rpm",
+									"name":"mysql-8.0.38-1.oe2203sp3.src.rpm"
+								},
+								"name":"mysql-8.0.38-1.oe2203sp3.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mysql-test-8.0.38-1.oe2203sp3.x86_64.rpm",
+									"name":"mysql-test-8.0.38-1.oe2203sp3.x86_64.rpm"
+								},
+								"name":"mysql-test-8.0.38-1.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mysql-devel-8.0.38-1.oe2203sp3.x86_64.rpm",
+									"name":"mysql-devel-8.0.38-1.oe2203sp3.x86_64.rpm"
+								},
+								"name":"mysql-devel-8.0.38-1.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mysql-8.0.38-1.oe2203sp3.x86_64.rpm",
+									"name":"mysql-8.0.38-1.oe2203sp3.x86_64.rpm"
+								},
+								"name":"mysql-8.0.38-1.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mysql-config-8.0.38-1.oe2203sp3.x86_64.rpm",
+									"name":"mysql-config-8.0.38-1.oe2203sp3.x86_64.rpm"
+								},
+								"name":"mysql-config-8.0.38-1.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mysql-libs-8.0.38-1.oe2203sp3.x86_64.rpm",
+									"name":"mysql-libs-8.0.38-1.oe2203sp3.x86_64.rpm"
+								},
+								"name":"mysql-libs-8.0.38-1.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mysql-common-8.0.38-1.oe2203sp3.x86_64.rpm",
+									"name":"mysql-common-8.0.38-1.oe2203sp3.x86_64.rpm"
+								},
+								"name":"mysql-common-8.0.38-1.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mysql-errmsg-8.0.38-1.oe2203sp3.x86_64.rpm",
+									"name":"mysql-errmsg-8.0.38-1.oe2203sp3.x86_64.rpm"
+								},
+								"name":"mysql-errmsg-8.0.38-1.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mysql-server-8.0.38-1.oe2203sp3.x86_64.rpm",
+									"name":"mysql-server-8.0.38-1.oe2203sp3.x86_64.rpm"
+								},
+								"name":"mysql-server-8.0.38-1.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mysql-debuginfo-8.0.38-1.oe2203sp3.x86_64.rpm",
+									"name":"mysql-debuginfo-8.0.38-1.oe2203sp3.x86_64.rpm"
+								},
+								"name":"mysql-debuginfo-8.0.38-1.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mysql-help-8.0.38-1.oe2203sp3.x86_64.rpm",
+									"name":"mysql-help-8.0.38-1.oe2203sp3.x86_64.rpm"
+								},
+								"name":"mysql-help-8.0.38-1.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mysql-debugsource-8.0.38-1.oe2203sp3.x86_64.rpm",
+									"name":"mysql-debugsource-8.0.38-1.oe2203sp3.x86_64.rpm"
+								},
+								"name":"mysql-debugsource-8.0.38-1.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mysql-libs-8.0.38-1.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mysql-libs-8.0.38-1.oe2203sp3.aarch64",
+					"name":"mysql-libs-8.0.38-1.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mysql-help-8.0.38-1.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mysql-help-8.0.38-1.oe2203sp3.aarch64",
+					"name":"mysql-help-8.0.38-1.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mysql-test-8.0.38-1.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mysql-test-8.0.38-1.oe2203sp3.aarch64",
+					"name":"mysql-test-8.0.38-1.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mysql-8.0.38-1.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.aarch64",
+					"name":"mysql-8.0.38-1.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mysql-debugsource-8.0.38-1.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mysql-debugsource-8.0.38-1.oe2203sp3.aarch64",
+					"name":"mysql-debugsource-8.0.38-1.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mysql-common-8.0.38-1.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mysql-common-8.0.38-1.oe2203sp3.aarch64",
+					"name":"mysql-common-8.0.38-1.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mysql-server-8.0.38-1.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mysql-server-8.0.38-1.oe2203sp3.aarch64",
+					"name":"mysql-server-8.0.38-1.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mysql-errmsg-8.0.38-1.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mysql-errmsg-8.0.38-1.oe2203sp3.aarch64",
+					"name":"mysql-errmsg-8.0.38-1.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mysql-config-8.0.38-1.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mysql-config-8.0.38-1.oe2203sp3.aarch64",
+					"name":"mysql-config-8.0.38-1.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mysql-debuginfo-8.0.38-1.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mysql-debuginfo-8.0.38-1.oe2203sp3.aarch64",
+					"name":"mysql-debuginfo-8.0.38-1.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mysql-devel-8.0.38-1.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mysql-devel-8.0.38-1.oe2203sp3.aarch64",
+					"name":"mysql-devel-8.0.38-1.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mysql-8.0.38-1.oe2203sp3.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.src",
+					"name":"mysql-8.0.38-1.oe2203sp3.src as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mysql-test-8.0.38-1.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mysql-test-8.0.38-1.oe2203sp3.x86_64",
+					"name":"mysql-test-8.0.38-1.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mysql-devel-8.0.38-1.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mysql-devel-8.0.38-1.oe2203sp3.x86_64",
+					"name":"mysql-devel-8.0.38-1.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mysql-8.0.38-1.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.x86_64",
+					"name":"mysql-8.0.38-1.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mysql-config-8.0.38-1.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mysql-config-8.0.38-1.oe2203sp3.x86_64",
+					"name":"mysql-config-8.0.38-1.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mysql-libs-8.0.38-1.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mysql-libs-8.0.38-1.oe2203sp3.x86_64",
+					"name":"mysql-libs-8.0.38-1.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mysql-common-8.0.38-1.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mysql-common-8.0.38-1.oe2203sp3.x86_64",
+					"name":"mysql-common-8.0.38-1.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mysql-errmsg-8.0.38-1.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mysql-errmsg-8.0.38-1.oe2203sp3.x86_64",
+					"name":"mysql-errmsg-8.0.38-1.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mysql-server-8.0.38-1.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mysql-server-8.0.38-1.oe2203sp3.x86_64",
+					"name":"mysql-server-8.0.38-1.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mysql-debuginfo-8.0.38-1.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mysql-debuginfo-8.0.38-1.oe2203sp3.x86_64",
+					"name":"mysql-debuginfo-8.0.38-1.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mysql-help-8.0.38-1.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mysql-help-8.0.38-1.oe2203sp3.x86_64",
+					"name":"mysql-help-8.0.38-1.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mysql-debugsource-8.0.38-1.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mysql-debugsource-8.0.38-1.oe2203sp3.x86_64",
+					"name":"mysql-debugsource-8.0.38-1.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2024-20996",
+			"notes":[
+				{
+					"text":"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).  Supported versions that are affected are 8.0.37 and prior and  8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP3:mysql-libs-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-help-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-test-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-debugsource-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-common-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-server-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-errmsg-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-config-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-debuginfo-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-devel-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.src",
+					"openEuler-22.03-LTS-SP3:mysql-test-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-devel-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-config-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-libs-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-common-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-errmsg-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-server-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-debuginfo-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-help-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-debugsource-8.0.38-1.oe2203sp3.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP3:mysql-libs-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-help-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-test-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-debugsource-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-common-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-server-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-errmsg-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-config-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-debuginfo-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-devel-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:mysql-test-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-devel-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-config-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-libs-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-common-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-errmsg-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-server-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-debuginfo-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-help-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-debugsource-8.0.38-1.oe2203sp3.x86_64"
+					],
+					"details":"mysql security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1920"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":4.9,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP3:mysql-libs-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-help-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-test-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-debugsource-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-common-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-server-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-errmsg-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-config-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-debuginfo-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-devel-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:mysql-test-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-devel-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-config-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-libs-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-common-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-errmsg-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-server-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-debuginfo-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-help-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-debugsource-8.0.38-1.oe2203sp3.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-20996"
+		},
+		{
+			"cve":"CVE-2024-21135",
+			"notes":[
+				{
+					"text":"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).  Supported versions that are affected are 8.0.36 and prior and  8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP3:mysql-libs-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-help-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-test-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-debugsource-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-common-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-server-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-errmsg-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-config-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-debuginfo-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-devel-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.src",
+					"openEuler-22.03-LTS-SP3:mysql-test-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-devel-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-config-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-libs-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-common-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-errmsg-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-server-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-debuginfo-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-help-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-debugsource-8.0.38-1.oe2203sp3.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP3:mysql-libs-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-help-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-test-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-debugsource-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-common-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-server-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-errmsg-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-config-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-debuginfo-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-devel-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:mysql-test-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-devel-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-config-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-libs-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-common-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-errmsg-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-server-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-debuginfo-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-help-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-debugsource-8.0.38-1.oe2203sp3.x86_64"
+					],
+					"details":"mysql security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1920"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":4.9,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP3:mysql-libs-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-help-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-test-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-debugsource-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-common-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-server-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-errmsg-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-config-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-debuginfo-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-devel-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:mysql-test-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-devel-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-config-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-libs-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-common-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-errmsg-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-server-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-debuginfo-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-help-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-debugsource-8.0.38-1.oe2203sp3.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-21135"
+		},
+		{
+			"cve":"CVE-2024-21162",
+			"notes":[
+				{
+					"text":"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).  Supported versions that are affected are 8.0.37 and prior and  8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP3:mysql-libs-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-help-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-test-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-debugsource-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-common-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-server-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-errmsg-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-config-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-debuginfo-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-devel-8.0.38-1.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.src",
+					"openEuler-22.03-LTS-SP3:mysql-test-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-devel-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-config-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-libs-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-common-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-errmsg-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-server-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-debuginfo-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-help-8.0.38-1.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mysql-debugsource-8.0.38-1.oe2203sp3.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP3:mysql-libs-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-help-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-test-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-debugsource-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-common-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-server-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-errmsg-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-config-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-debuginfo-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-devel-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:mysql-test-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-devel-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-config-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-libs-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-common-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-errmsg-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-server-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-debuginfo-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-help-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-debugsource-8.0.38-1.oe2203sp3.x86_64"
+					],
+					"details":"mysql security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1920"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":4.9,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP3:mysql-libs-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-help-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-test-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-debugsource-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-common-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-server-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-errmsg-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-config-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-debuginfo-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-devel-8.0.38-1.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:mysql-test-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-devel-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-config-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-libs-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-common-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-errmsg-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-server-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-debuginfo-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-help-8.0.38-1.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mysql-debugsource-8.0.38-1.oe2203sp3.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-21162"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1921.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1921.json
@ -0,0 +1,845 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"Medium"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"mysql security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for mysql is now available for openEuler-22.03-LTS-SP4.",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"The MySQL(TM) software delivers a very fast, multi-threaded, multi-user, and robust SQL (Structured Query Language) database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of Oracle and/or its affiliates\n\nSecurity Fix(es):\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).  Supported versions that are affected are 8.0.37 and prior and  8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2024-20996)\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).  Supported versions that are affected are 8.0.37 and prior and  8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2024-21162)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for mysql is now available for openEuler-22.03-LTS-SP4.\n\nopenEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"Medium",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"mysql",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1921",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/security-bulletins/detail?id=openEuler-SA-2024-1921"
+			},
+			{
+				"summary":"CVE-2024-20996",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-20996&packageName=mysql"
+			},
+			{
+				"summary":"CVE-2024-21162",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-21162&packageName=mysql"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-20996"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-21162"
+			},
+			{
+				"summary":"openEuler-SA-2024-1921 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1921.json"
+			}
+		],
+		"title":"An update for mysql is now available for openEuler-22.03-LTS-SP4",
+		"tracking":{
+			"initial_release_date":"2024-08-02T19:41:53+08:00",
+			"revision_history":[
+				{
+					"date":"2024-08-02T19:41:53+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				},
+        {
+					"date":"2024-08-05T11:30:53+08:00",
+					"summary":"final",
+					"number":"2.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-08-05T11:30:53+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-08-05T11:30:53+08:00",
+			"id":"openEuler-SA-2024-1921",
+			"version":"2.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"openEuler-22.03-LTS-SP4",
+									"name":"openEuler-22.03-LTS-SP4"
+								},
+								"name":"openEuler-22.03-LTS-SP4",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mysql-errmsg-8.0.38-1.oe2203sp4.aarch64.rpm",
+									"name":"mysql-errmsg-8.0.38-1.oe2203sp4.aarch64.rpm"
+								},
+								"name":"mysql-errmsg-8.0.38-1.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mysql-8.0.38-1.oe2203sp4.aarch64.rpm",
+									"name":"mysql-8.0.38-1.oe2203sp4.aarch64.rpm"
+								},
+								"name":"mysql-8.0.38-1.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mysql-server-8.0.38-1.oe2203sp4.aarch64.rpm",
+									"name":"mysql-server-8.0.38-1.oe2203sp4.aarch64.rpm"
+								},
+								"name":"mysql-server-8.0.38-1.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mysql-common-8.0.38-1.oe2203sp4.aarch64.rpm",
+									"name":"mysql-common-8.0.38-1.oe2203sp4.aarch64.rpm"
+								},
+								"name":"mysql-common-8.0.38-1.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mysql-config-8.0.38-1.oe2203sp4.aarch64.rpm",
+									"name":"mysql-config-8.0.38-1.oe2203sp4.aarch64.rpm"
+								},
+								"name":"mysql-config-8.0.38-1.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mysql-help-8.0.38-1.oe2203sp4.aarch64.rpm",
+									"name":"mysql-help-8.0.38-1.oe2203sp4.aarch64.rpm"
+								},
+								"name":"mysql-help-8.0.38-1.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mysql-devel-8.0.38-1.oe2203sp4.aarch64.rpm",
+									"name":"mysql-devel-8.0.38-1.oe2203sp4.aarch64.rpm"
+								},
+								"name":"mysql-devel-8.0.38-1.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mysql-debuginfo-8.0.38-1.oe2203sp4.aarch64.rpm",
+									"name":"mysql-debuginfo-8.0.38-1.oe2203sp4.aarch64.rpm"
+								},
+								"name":"mysql-debuginfo-8.0.38-1.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mysql-libs-8.0.38-1.oe2203sp4.aarch64.rpm",
+									"name":"mysql-libs-8.0.38-1.oe2203sp4.aarch64.rpm"
+								},
+								"name":"mysql-libs-8.0.38-1.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mysql-test-8.0.38-1.oe2203sp4.aarch64.rpm",
+									"name":"mysql-test-8.0.38-1.oe2203sp4.aarch64.rpm"
+								},
+								"name":"mysql-test-8.0.38-1.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mysql-debugsource-8.0.38-1.oe2203sp4.aarch64.rpm",
+									"name":"mysql-debugsource-8.0.38-1.oe2203sp4.aarch64.rpm"
+								},
+								"name":"mysql-debugsource-8.0.38-1.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mysql-8.0.38-1.oe2203sp4.src.rpm",
+									"name":"mysql-8.0.38-1.oe2203sp4.src.rpm"
+								},
+								"name":"mysql-8.0.38-1.oe2203sp4.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mysql-help-8.0.38-1.oe2203sp4.x86_64.rpm",
+									"name":"mysql-help-8.0.38-1.oe2203sp4.x86_64.rpm"
+								},
+								"name":"mysql-help-8.0.38-1.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mysql-test-8.0.38-1.oe2203sp4.x86_64.rpm",
+									"name":"mysql-test-8.0.38-1.oe2203sp4.x86_64.rpm"
+								},
+								"name":"mysql-test-8.0.38-1.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mysql-debuginfo-8.0.38-1.oe2203sp4.x86_64.rpm",
+									"name":"mysql-debuginfo-8.0.38-1.oe2203sp4.x86_64.rpm"
+								},
+								"name":"mysql-debuginfo-8.0.38-1.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mysql-server-8.0.38-1.oe2203sp4.x86_64.rpm",
+									"name":"mysql-server-8.0.38-1.oe2203sp4.x86_64.rpm"
+								},
+								"name":"mysql-server-8.0.38-1.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mysql-debugsource-8.0.38-1.oe2203sp4.x86_64.rpm",
+									"name":"mysql-debugsource-8.0.38-1.oe2203sp4.x86_64.rpm"
+								},
+								"name":"mysql-debugsource-8.0.38-1.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mysql-errmsg-8.0.38-1.oe2203sp4.x86_64.rpm",
+									"name":"mysql-errmsg-8.0.38-1.oe2203sp4.x86_64.rpm"
+								},
+								"name":"mysql-errmsg-8.0.38-1.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mysql-config-8.0.38-1.oe2203sp4.x86_64.rpm",
+									"name":"mysql-config-8.0.38-1.oe2203sp4.x86_64.rpm"
+								},
+								"name":"mysql-config-8.0.38-1.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mysql-common-8.0.38-1.oe2203sp4.x86_64.rpm",
+									"name":"mysql-common-8.0.38-1.oe2203sp4.x86_64.rpm"
+								},
+								"name":"mysql-common-8.0.38-1.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mysql-8.0.38-1.oe2203sp4.x86_64.rpm",
+									"name":"mysql-8.0.38-1.oe2203sp4.x86_64.rpm"
+								},
+								"name":"mysql-8.0.38-1.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mysql-libs-8.0.38-1.oe2203sp4.x86_64.rpm",
+									"name":"mysql-libs-8.0.38-1.oe2203sp4.x86_64.rpm"
+								},
+								"name":"mysql-libs-8.0.38-1.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mysql-devel-8.0.38-1.oe2203sp4.x86_64.rpm",
+									"name":"mysql-devel-8.0.38-1.oe2203sp4.x86_64.rpm"
+								},
+								"name":"mysql-devel-8.0.38-1.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mysql-errmsg-8.0.38-1.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mysql-errmsg-8.0.38-1.oe2203sp4.aarch64",
+					"name":"mysql-errmsg-8.0.38-1.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mysql-8.0.38-1.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mysql-8.0.38-1.oe2203sp4.aarch64",
+					"name":"mysql-8.0.38-1.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mysql-server-8.0.38-1.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mysql-server-8.0.38-1.oe2203sp4.aarch64",
+					"name":"mysql-server-8.0.38-1.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mysql-common-8.0.38-1.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mysql-common-8.0.38-1.oe2203sp4.aarch64",
+					"name":"mysql-common-8.0.38-1.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mysql-config-8.0.38-1.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mysql-config-8.0.38-1.oe2203sp4.aarch64",
+					"name":"mysql-config-8.0.38-1.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mysql-help-8.0.38-1.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mysql-help-8.0.38-1.oe2203sp4.aarch64",
+					"name":"mysql-help-8.0.38-1.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mysql-devel-8.0.38-1.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mysql-devel-8.0.38-1.oe2203sp4.aarch64",
+					"name":"mysql-devel-8.0.38-1.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mysql-debuginfo-8.0.38-1.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mysql-debuginfo-8.0.38-1.oe2203sp4.aarch64",
+					"name":"mysql-debuginfo-8.0.38-1.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mysql-libs-8.0.38-1.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mysql-libs-8.0.38-1.oe2203sp4.aarch64",
+					"name":"mysql-libs-8.0.38-1.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mysql-test-8.0.38-1.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mysql-test-8.0.38-1.oe2203sp4.aarch64",
+					"name":"mysql-test-8.0.38-1.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mysql-debugsource-8.0.38-1.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mysql-debugsource-8.0.38-1.oe2203sp4.aarch64",
+					"name":"mysql-debugsource-8.0.38-1.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mysql-8.0.38-1.oe2203sp4.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mysql-8.0.38-1.oe2203sp4.src",
+					"name":"mysql-8.0.38-1.oe2203sp4.src as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mysql-help-8.0.38-1.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mysql-help-8.0.38-1.oe2203sp4.x86_64",
+					"name":"mysql-help-8.0.38-1.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mysql-test-8.0.38-1.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mysql-test-8.0.38-1.oe2203sp4.x86_64",
+					"name":"mysql-test-8.0.38-1.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mysql-debuginfo-8.0.38-1.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mysql-debuginfo-8.0.38-1.oe2203sp4.x86_64",
+					"name":"mysql-debuginfo-8.0.38-1.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mysql-server-8.0.38-1.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mysql-server-8.0.38-1.oe2203sp4.x86_64",
+					"name":"mysql-server-8.0.38-1.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mysql-debugsource-8.0.38-1.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mysql-debugsource-8.0.38-1.oe2203sp4.x86_64",
+					"name":"mysql-debugsource-8.0.38-1.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mysql-errmsg-8.0.38-1.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mysql-errmsg-8.0.38-1.oe2203sp4.x86_64",
+					"name":"mysql-errmsg-8.0.38-1.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mysql-config-8.0.38-1.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mysql-config-8.0.38-1.oe2203sp4.x86_64",
+					"name":"mysql-config-8.0.38-1.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mysql-common-8.0.38-1.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mysql-common-8.0.38-1.oe2203sp4.x86_64",
+					"name":"mysql-common-8.0.38-1.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mysql-8.0.38-1.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mysql-8.0.38-1.oe2203sp4.x86_64",
+					"name":"mysql-8.0.38-1.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mysql-libs-8.0.38-1.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mysql-libs-8.0.38-1.oe2203sp4.x86_64",
+					"name":"mysql-libs-8.0.38-1.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mysql-devel-8.0.38-1.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mysql-devel-8.0.38-1.oe2203sp4.x86_64",
+					"name":"mysql-devel-8.0.38-1.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2024-20996",
+			"notes":[
+				{
+					"text":"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).  Supported versions that are affected are 8.0.37 and prior and  8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP4:mysql-errmsg-8.0.38-1.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:mysql-8.0.38-1.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:mysql-server-8.0.38-1.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:mysql-common-8.0.38-1.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:mysql-config-8.0.38-1.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:mysql-help-8.0.38-1.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:mysql-devel-8.0.38-1.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:mysql-debuginfo-8.0.38-1.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:mysql-libs-8.0.38-1.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:mysql-test-8.0.38-1.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:mysql-debugsource-8.0.38-1.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:mysql-8.0.38-1.oe2203sp4.src",
+					"openEuler-22.03-LTS-SP4:mysql-help-8.0.38-1.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:mysql-test-8.0.38-1.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:mysql-debuginfo-8.0.38-1.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:mysql-server-8.0.38-1.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:mysql-debugsource-8.0.38-1.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:mysql-errmsg-8.0.38-1.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:mysql-config-8.0.38-1.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:mysql-common-8.0.38-1.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:mysql-8.0.38-1.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:mysql-libs-8.0.38-1.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:mysql-devel-8.0.38-1.oe2203sp4.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP4:mysql-errmsg-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-server-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-common-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-config-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-help-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-devel-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-debuginfo-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-libs-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-test-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-debugsource-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-8.0.38-1.oe2203sp4.src",
+						"openEuler-22.03-LTS-SP4:mysql-help-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-test-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-debuginfo-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-server-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-debugsource-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-errmsg-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-config-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-common-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-libs-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-devel-8.0.38-1.oe2203sp4.x86_64"
+					],
+					"details":"mysql security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1921"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":4.9,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP4:mysql-errmsg-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-server-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-common-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-config-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-help-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-devel-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-debuginfo-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-libs-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-test-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-debugsource-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-8.0.38-1.oe2203sp4.src",
+						"openEuler-22.03-LTS-SP4:mysql-help-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-test-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-debuginfo-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-server-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-debugsource-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-errmsg-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-config-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-common-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-libs-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-devel-8.0.38-1.oe2203sp4.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-20996"
+		},
+		{
+			"cve":"CVE-2024-21162",
+			"notes":[
+				{
+					"text":"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).  Supported versions that are affected are 8.0.37 and prior and  8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP4:mysql-errmsg-8.0.38-1.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:mysql-8.0.38-1.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:mysql-server-8.0.38-1.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:mysql-common-8.0.38-1.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:mysql-config-8.0.38-1.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:mysql-help-8.0.38-1.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:mysql-devel-8.0.38-1.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:mysql-debuginfo-8.0.38-1.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:mysql-libs-8.0.38-1.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:mysql-test-8.0.38-1.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:mysql-debugsource-8.0.38-1.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:mysql-8.0.38-1.oe2203sp4.src",
+					"openEuler-22.03-LTS-SP4:mysql-help-8.0.38-1.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:mysql-test-8.0.38-1.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:mysql-debuginfo-8.0.38-1.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:mysql-server-8.0.38-1.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:mysql-debugsource-8.0.38-1.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:mysql-errmsg-8.0.38-1.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:mysql-config-8.0.38-1.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:mysql-common-8.0.38-1.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:mysql-8.0.38-1.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:mysql-libs-8.0.38-1.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:mysql-devel-8.0.38-1.oe2203sp4.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP4:mysql-errmsg-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-server-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-common-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-config-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-help-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-devel-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-debuginfo-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-libs-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-test-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-debugsource-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-8.0.38-1.oe2203sp4.src",
+						"openEuler-22.03-LTS-SP4:mysql-help-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-test-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-debuginfo-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-server-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-debugsource-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-errmsg-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-config-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-common-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-libs-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-devel-8.0.38-1.oe2203sp4.x86_64"
+					],
+					"details":"mysql security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1921"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":4.9,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP4:mysql-errmsg-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-server-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-common-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-config-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-help-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-devel-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-debuginfo-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-libs-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-test-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-debugsource-8.0.38-1.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mysql-8.0.38-1.oe2203sp4.src",
+						"openEuler-22.03-LTS-SP4:mysql-help-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-test-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-debuginfo-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-server-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-debugsource-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-errmsg-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-config-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-common-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-libs-8.0.38-1.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mysql-devel-8.0.38-1.oe2203sp4.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-21162"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1922.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1922.json
@ -0,0 +1,966 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"Medium"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"mysql security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for mysql is now available for openEuler-24.03-LTS.",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"The MySQL(TM) software delivers a very fast, multi-threaded, multi-user, and robust SQL (Structured Query Language) database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of Oracle and/or its affiliates\n\nSecurity Fix(es):\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).  Supported versions that are affected are 8.0.37 and prior and  8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2024-20996)\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).  Supported versions that are affected are 8.0.36 and prior and  8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2024-21135)\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).  Supported versions that are affected are 8.0.37 and prior and  8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).(CVE-2024-21162)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for mysql is now available for openEuler-24.03-LTS.\n\nopenEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"Medium",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"mysql",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1922",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/security-bulletins/detail?id=openEuler-SA-2024-1922"
+			},
+			{
+				"summary":"CVE-2024-20996",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-20996&packageName=mysql"
+			},
+			{
+				"summary":"CVE-2024-21135",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-21135&packageName=mysql"
+			},
+			{
+				"summary":"CVE-2024-21162",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-21162&packageName=mysql"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-20996"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-21135"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-21162"
+			},
+			{
+				"summary":"openEuler-SA-2024-1922 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1922.json"
+			}
+		],
+		"title":"An update for mysql is now available for openEuler-24.03-LTS",
+		"tracking":{
+			"initial_release_date":"2024-08-02T19:41:55+08:00",
+			"revision_history":[
+				{
+					"date":"2024-08-02T19:41:55+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				},
+        {
+					"date":"2024-08-05T11:30:55+08:00",
+					"summary":"final",
+					"number":"2.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-08-05T11:30:55+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-08-05T11:30:55+08:00",
+			"id":"openEuler-SA-2024-1922",
+			"version":"2.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"openEuler-24.03-LTS",
+									"name":"openEuler-24.03-LTS"
+								},
+								"name":"openEuler-24.03-LTS",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"mysql-common-8.0.38-1.oe2403.aarch64.rpm",
+									"name":"mysql-common-8.0.38-1.oe2403.aarch64.rpm"
+								},
+								"name":"mysql-common-8.0.38-1.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"mysql-8.0.38-1.oe2403.aarch64.rpm",
+									"name":"mysql-8.0.38-1.oe2403.aarch64.rpm"
+								},
+								"name":"mysql-8.0.38-1.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"mysql-config-8.0.38-1.oe2403.aarch64.rpm",
+									"name":"mysql-config-8.0.38-1.oe2403.aarch64.rpm"
+								},
+								"name":"mysql-config-8.0.38-1.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"mysql-debugsource-8.0.38-1.oe2403.aarch64.rpm",
+									"name":"mysql-debugsource-8.0.38-1.oe2403.aarch64.rpm"
+								},
+								"name":"mysql-debugsource-8.0.38-1.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"mysql-help-8.0.38-1.oe2403.aarch64.rpm",
+									"name":"mysql-help-8.0.38-1.oe2403.aarch64.rpm"
+								},
+								"name":"mysql-help-8.0.38-1.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"mysql-server-8.0.38-1.oe2403.aarch64.rpm",
+									"name":"mysql-server-8.0.38-1.oe2403.aarch64.rpm"
+								},
+								"name":"mysql-server-8.0.38-1.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"mysql-libs-8.0.38-1.oe2403.aarch64.rpm",
+									"name":"mysql-libs-8.0.38-1.oe2403.aarch64.rpm"
+								},
+								"name":"mysql-libs-8.0.38-1.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"mysql-devel-8.0.38-1.oe2403.aarch64.rpm",
+									"name":"mysql-devel-8.0.38-1.oe2403.aarch64.rpm"
+								},
+								"name":"mysql-devel-8.0.38-1.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"mysql-test-8.0.38-1.oe2403.aarch64.rpm",
+									"name":"mysql-test-8.0.38-1.oe2403.aarch64.rpm"
+								},
+								"name":"mysql-test-8.0.38-1.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"mysql-debuginfo-8.0.38-1.oe2403.aarch64.rpm",
+									"name":"mysql-debuginfo-8.0.38-1.oe2403.aarch64.rpm"
+								},
+								"name":"mysql-debuginfo-8.0.38-1.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"mysql-errmsg-8.0.38-1.oe2403.aarch64.rpm",
+									"name":"mysql-errmsg-8.0.38-1.oe2403.aarch64.rpm"
+								},
+								"name":"mysql-errmsg-8.0.38-1.oe2403.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"mysql-8.0.38-1.oe2403.src.rpm",
+									"name":"mysql-8.0.38-1.oe2403.src.rpm"
+								},
+								"name":"mysql-8.0.38-1.oe2403.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"mysql-debugsource-8.0.38-1.oe2403.x86_64.rpm",
+									"name":"mysql-debugsource-8.0.38-1.oe2403.x86_64.rpm"
+								},
+								"name":"mysql-debugsource-8.0.38-1.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"mysql-common-8.0.38-1.oe2403.x86_64.rpm",
+									"name":"mysql-common-8.0.38-1.oe2403.x86_64.rpm"
+								},
+								"name":"mysql-common-8.0.38-1.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"mysql-errmsg-8.0.38-1.oe2403.x86_64.rpm",
+									"name":"mysql-errmsg-8.0.38-1.oe2403.x86_64.rpm"
+								},
+								"name":"mysql-errmsg-8.0.38-1.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"mysql-8.0.38-1.oe2403.x86_64.rpm",
+									"name":"mysql-8.0.38-1.oe2403.x86_64.rpm"
+								},
+								"name":"mysql-8.0.38-1.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"mysql-debuginfo-8.0.38-1.oe2403.x86_64.rpm",
+									"name":"mysql-debuginfo-8.0.38-1.oe2403.x86_64.rpm"
+								},
+								"name":"mysql-debuginfo-8.0.38-1.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"mysql-server-8.0.38-1.oe2403.x86_64.rpm",
+									"name":"mysql-server-8.0.38-1.oe2403.x86_64.rpm"
+								},
+								"name":"mysql-server-8.0.38-1.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"mysql-libs-8.0.38-1.oe2403.x86_64.rpm",
+									"name":"mysql-libs-8.0.38-1.oe2403.x86_64.rpm"
+								},
+								"name":"mysql-libs-8.0.38-1.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"mysql-help-8.0.38-1.oe2403.x86_64.rpm",
+									"name":"mysql-help-8.0.38-1.oe2403.x86_64.rpm"
+								},
+								"name":"mysql-help-8.0.38-1.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"mysql-test-8.0.38-1.oe2403.x86_64.rpm",
+									"name":"mysql-test-8.0.38-1.oe2403.x86_64.rpm"
+								},
+								"name":"mysql-test-8.0.38-1.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"mysql-devel-8.0.38-1.oe2403.x86_64.rpm",
+									"name":"mysql-devel-8.0.38-1.oe2403.x86_64.rpm"
+								},
+								"name":"mysql-devel-8.0.38-1.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"mysql-config-8.0.38-1.oe2403.x86_64.rpm",
+									"name":"mysql-config-8.0.38-1.oe2403.x86_64.rpm"
+								},
+								"name":"mysql-config-8.0.38-1.oe2403.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"mysql-common-8.0.38-1.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:mysql-common-8.0.38-1.oe2403.aarch64",
+					"name":"mysql-common-8.0.38-1.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"mysql-8.0.38-1.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.aarch64",
+					"name":"mysql-8.0.38-1.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"mysql-config-8.0.38-1.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:mysql-config-8.0.38-1.oe2403.aarch64",
+					"name":"mysql-config-8.0.38-1.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"mysql-debugsource-8.0.38-1.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:mysql-debugsource-8.0.38-1.oe2403.aarch64",
+					"name":"mysql-debugsource-8.0.38-1.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"mysql-help-8.0.38-1.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:mysql-help-8.0.38-1.oe2403.aarch64",
+					"name":"mysql-help-8.0.38-1.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"mysql-server-8.0.38-1.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:mysql-server-8.0.38-1.oe2403.aarch64",
+					"name":"mysql-server-8.0.38-1.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"mysql-libs-8.0.38-1.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:mysql-libs-8.0.38-1.oe2403.aarch64",
+					"name":"mysql-libs-8.0.38-1.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"mysql-devel-8.0.38-1.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:mysql-devel-8.0.38-1.oe2403.aarch64",
+					"name":"mysql-devel-8.0.38-1.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"mysql-test-8.0.38-1.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:mysql-test-8.0.38-1.oe2403.aarch64",
+					"name":"mysql-test-8.0.38-1.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"mysql-debuginfo-8.0.38-1.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:mysql-debuginfo-8.0.38-1.oe2403.aarch64",
+					"name":"mysql-debuginfo-8.0.38-1.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"mysql-errmsg-8.0.38-1.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:mysql-errmsg-8.0.38-1.oe2403.aarch64",
+					"name":"mysql-errmsg-8.0.38-1.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"mysql-8.0.38-1.oe2403.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.src",
+					"name":"mysql-8.0.38-1.oe2403.src as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"mysql-debugsource-8.0.38-1.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:mysql-debugsource-8.0.38-1.oe2403.x86_64",
+					"name":"mysql-debugsource-8.0.38-1.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"mysql-common-8.0.38-1.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:mysql-common-8.0.38-1.oe2403.x86_64",
+					"name":"mysql-common-8.0.38-1.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"mysql-errmsg-8.0.38-1.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:mysql-errmsg-8.0.38-1.oe2403.x86_64",
+					"name":"mysql-errmsg-8.0.38-1.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"mysql-8.0.38-1.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.x86_64",
+					"name":"mysql-8.0.38-1.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"mysql-debuginfo-8.0.38-1.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:mysql-debuginfo-8.0.38-1.oe2403.x86_64",
+					"name":"mysql-debuginfo-8.0.38-1.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"mysql-server-8.0.38-1.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:mysql-server-8.0.38-1.oe2403.x86_64",
+					"name":"mysql-server-8.0.38-1.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"mysql-libs-8.0.38-1.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:mysql-libs-8.0.38-1.oe2403.x86_64",
+					"name":"mysql-libs-8.0.38-1.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"mysql-help-8.0.38-1.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:mysql-help-8.0.38-1.oe2403.x86_64",
+					"name":"mysql-help-8.0.38-1.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"mysql-test-8.0.38-1.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:mysql-test-8.0.38-1.oe2403.x86_64",
+					"name":"mysql-test-8.0.38-1.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"mysql-devel-8.0.38-1.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:mysql-devel-8.0.38-1.oe2403.x86_64",
+					"name":"mysql-devel-8.0.38-1.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"mysql-config-8.0.38-1.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:mysql-config-8.0.38-1.oe2403.x86_64",
+					"name":"mysql-config-8.0.38-1.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2024-20996",
+			"notes":[
+				{
+					"text":"Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).  Supported versions that are affected are 8.0.37 and prior and  8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-24.03-LTS:mysql-common-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-config-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-debugsource-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-help-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-server-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-libs-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-devel-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-test-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-debuginfo-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-errmsg-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.src",
+					"openEuler-24.03-LTS:mysql-debugsource-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-common-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-errmsg-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-debuginfo-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-server-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-libs-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-help-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-test-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-devel-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-config-8.0.38-1.oe2403.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-24.03-LTS:mysql-common-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-config-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-debugsource-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-help-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-server-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-libs-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-devel-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-test-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-debuginfo-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-errmsg-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.src",
+						"openEuler-24.03-LTS:mysql-debugsource-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-common-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-errmsg-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-debuginfo-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-server-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-libs-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-help-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-test-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-devel-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-config-8.0.38-1.oe2403.x86_64"
+					],
+					"details":"mysql security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1922"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":4.9,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-24.03-LTS:mysql-common-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-config-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-debugsource-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-help-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-server-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-libs-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-devel-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-test-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-debuginfo-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-errmsg-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.src",
+						"openEuler-24.03-LTS:mysql-debugsource-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-common-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-errmsg-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-debuginfo-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-server-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-libs-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-help-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-test-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-devel-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-config-8.0.38-1.oe2403.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-20996"
+		},
+		{
+			"cve":"CVE-2024-21135",
+			"notes":[
+				{
+					"text":"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).  Supported versions that are affected are 8.0.36 and prior and  8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-24.03-LTS:mysql-common-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-config-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-debugsource-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-help-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-server-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-libs-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-devel-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-test-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-debuginfo-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-errmsg-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.src",
+					"openEuler-24.03-LTS:mysql-debugsource-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-common-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-errmsg-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-debuginfo-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-server-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-libs-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-help-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-test-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-devel-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-config-8.0.38-1.oe2403.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-24.03-LTS:mysql-common-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-config-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-debugsource-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-help-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-server-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-libs-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-devel-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-test-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-debuginfo-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-errmsg-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.src",
+						"openEuler-24.03-LTS:mysql-debugsource-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-common-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-errmsg-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-debuginfo-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-server-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-libs-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-help-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-test-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-devel-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-config-8.0.38-1.oe2403.x86_64"
+					],
+					"details":"mysql security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1922"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":4.9,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-24.03-LTS:mysql-common-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-config-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-debugsource-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-help-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-server-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-libs-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-devel-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-test-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-debuginfo-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-errmsg-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.src",
+						"openEuler-24.03-LTS:mysql-debugsource-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-common-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-errmsg-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-debuginfo-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-server-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-libs-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-help-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-test-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-devel-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-config-8.0.38-1.oe2403.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-21135"
+		},
+		{
+			"cve":"CVE-2024-21162",
+			"notes":[
+				{
+					"text":"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).  Supported versions that are affected are 8.0.37 and prior and  8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-24.03-LTS:mysql-common-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-config-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-debugsource-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-help-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-server-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-libs-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-devel-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-test-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-debuginfo-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-errmsg-8.0.38-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.src",
+					"openEuler-24.03-LTS:mysql-debugsource-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-common-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-errmsg-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-debuginfo-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-server-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-libs-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-help-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-test-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-devel-8.0.38-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:mysql-config-8.0.38-1.oe2403.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-24.03-LTS:mysql-common-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-config-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-debugsource-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-help-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-server-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-libs-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-devel-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-test-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-debuginfo-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-errmsg-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.src",
+						"openEuler-24.03-LTS:mysql-debugsource-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-common-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-errmsg-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-debuginfo-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-server-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-libs-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-help-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-test-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-devel-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-config-8.0.38-1.oe2403.x86_64"
+					],
+					"details":"mysql security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1922"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":4.9,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-24.03-LTS:mysql-common-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-config-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-debugsource-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-help-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-server-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-libs-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-devel-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-test-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-debuginfo-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-errmsg-8.0.38-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.src",
+						"openEuler-24.03-LTS:mysql-debugsource-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-common-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-errmsg-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-debuginfo-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-server-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-libs-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-help-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-test-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-devel-8.0.38-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:mysql-config-8.0.38-1.oe2403.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-21162"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1923.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1923.json
@ -0,0 +1,653 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"High"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"botan2 security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for botan2 is now available for openEuler-24.03-LTS.",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \\#10 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API reference, tutorial, and examples may help impart the flavor of the library. This is the current stable release branch 2.x of Botan.\n\nSecurity Fix(es):\n\nBotan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters.  Prior to 3.5.0 and 2.19.5, checking name constraints in X.509 certificates is quadratic in the number of names and name constraints. An attacker who presented a certificate chain which contained a very large number of names in the SubjectAlternativeName, signed by a CA certificate which contained a large number of name constraints, could cause a denial of service. The problem has been addressed in Botan 3.5.0 and a partial backport has also been applied and is included in Botan 2.19.5.(CVE-2024-34702)\n\nBotan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. Prior to versions 3.3.0 and 2.19.4, an attacker could present an ECDSA X.509 certificate using explicit encoding where the parameters are very large. The proof of concept used a 16Kbit prime for this purpose. When parsing, the parameter is checked to be prime, causing excessive computation. This was patched in 2.19.4 and 3.3.0 to allow the prime parameter of the elliptic curve to be at most 521 bits. No known workarounds are available. Note that support for explicit encoding of elliptic curve parameters is deprecated in Botan.\n(CVE-2024-34703)\n\nBotan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. A bug in the parsing of name constraint extensions in X.509 certificates meant that if the extension included both permitted subtrees and excluded subtrees, only the permitted subtree would be checked. If a certificate included a name which was permitted by the permitted subtree but also excluded by excluded subtree, it would be accepted. Fixed in versions 3.5.0 and 2.19.5.(CVE-2024-39312)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for botan2 is now available for openEuler-24.03-LTS.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"High",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"botan2",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1923",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/security-bulletins/detail?id=openEuler-SA-2024-1923"
+			},
+			{
+				"summary":"CVE-2024-34702",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-34702&packageName=botan2"
+			},
+			{
+				"summary":"CVE-2024-34703",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-34703&packageName=botan2"
+			},
+			{
+				"summary":"CVE-2024-39312",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-39312&packageName=botan2"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34702"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34703"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39312"
+			},
+			{
+				"summary":"openEuler-SA-2024-1923 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1923.json"
+			}
+		],
+		"title":"An update for botan2 is now available for openEuler-24.03-LTS",
+		"tracking":{
+			"initial_release_date":"2024-08-02T19:41:56+08:00",
+			"revision_history":[
+				{
+					"date":"2024-08-02T19:41:56+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				},
+        {
+					"date":"2024-08-05T11:30:56+08:00",
+					"summary":"final",
+					"number":"2.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-08-05T11:30:56+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-08-05T11:30:56+08:00",
+			"id":"openEuler-SA-2024-1923",
+			"version":"2.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"openEuler-24.03-LTS",
+									"name":"openEuler-24.03-LTS"
+								},
+								"name":"openEuler-24.03-LTS",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"botan2-devel-2.19.3-3.oe2403.aarch64.rpm",
+									"name":"botan2-devel-2.19.3-3.oe2403.aarch64.rpm"
+								},
+								"name":"botan2-devel-2.19.3-3.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"botan2-2.19.3-3.oe2403.aarch64.rpm",
+									"name":"botan2-2.19.3-3.oe2403.aarch64.rpm"
+								},
+								"name":"botan2-2.19.3-3.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"botan2-debugsource-2.19.3-3.oe2403.aarch64.rpm",
+									"name":"botan2-debugsource-2.19.3-3.oe2403.aarch64.rpm"
+								},
+								"name":"botan2-debugsource-2.19.3-3.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python3-botan2-2.19.3-3.oe2403.aarch64.rpm",
+									"name":"python3-botan2-2.19.3-3.oe2403.aarch64.rpm"
+								},
+								"name":"python3-botan2-2.19.3-3.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"botan2-debuginfo-2.19.3-3.oe2403.aarch64.rpm",
+									"name":"botan2-debuginfo-2.19.3-3.oe2403.aarch64.rpm"
+								},
+								"name":"botan2-debuginfo-2.19.3-3.oe2403.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"noarch",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"botan2-doc-2.19.3-3.oe2403.noarch.rpm",
+									"name":"botan2-doc-2.19.3-3.oe2403.noarch.rpm"
+								},
+								"name":"botan2-doc-2.19.3-3.oe2403.noarch.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"botan2-2.19.3-3.oe2403.src.rpm",
+									"name":"botan2-2.19.3-3.oe2403.src.rpm"
+								},
+								"name":"botan2-2.19.3-3.oe2403.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"botan2-devel-2.19.3-3.oe2403.x86_64.rpm",
+									"name":"botan2-devel-2.19.3-3.oe2403.x86_64.rpm"
+								},
+								"name":"botan2-devel-2.19.3-3.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"botan2-debuginfo-2.19.3-3.oe2403.x86_64.rpm",
+									"name":"botan2-debuginfo-2.19.3-3.oe2403.x86_64.rpm"
+								},
+								"name":"botan2-debuginfo-2.19.3-3.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python3-botan2-2.19.3-3.oe2403.x86_64.rpm",
+									"name":"python3-botan2-2.19.3-3.oe2403.x86_64.rpm"
+								},
+								"name":"python3-botan2-2.19.3-3.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"botan2-2.19.3-3.oe2403.x86_64.rpm",
+									"name":"botan2-2.19.3-3.oe2403.x86_64.rpm"
+								},
+								"name":"botan2-2.19.3-3.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"botan2-debugsource-2.19.3-3.oe2403.x86_64.rpm",
+									"name":"botan2-debugsource-2.19.3-3.oe2403.x86_64.rpm"
+								},
+								"name":"botan2-debugsource-2.19.3-3.oe2403.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"botan2-devel-2.19.3-3.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:botan2-devel-2.19.3-3.oe2403.aarch64",
+					"name":"botan2-devel-2.19.3-3.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"botan2-2.19.3-3.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.aarch64",
+					"name":"botan2-2.19.3-3.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"botan2-debugsource-2.19.3-3.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:botan2-debugsource-2.19.3-3.oe2403.aarch64",
+					"name":"botan2-debugsource-2.19.3-3.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python3-botan2-2.19.3-3.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python3-botan2-2.19.3-3.oe2403.aarch64",
+					"name":"python3-botan2-2.19.3-3.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"botan2-debuginfo-2.19.3-3.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:botan2-debuginfo-2.19.3-3.oe2403.aarch64",
+					"name":"botan2-debuginfo-2.19.3-3.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"botan2-doc-2.19.3-3.oe2403.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:botan2-doc-2.19.3-3.oe2403.noarch",
+					"name":"botan2-doc-2.19.3-3.oe2403.noarch as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"botan2-2.19.3-3.oe2403.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.src",
+					"name":"botan2-2.19.3-3.oe2403.src as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"botan2-devel-2.19.3-3.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:botan2-devel-2.19.3-3.oe2403.x86_64",
+					"name":"botan2-devel-2.19.3-3.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"botan2-debuginfo-2.19.3-3.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:botan2-debuginfo-2.19.3-3.oe2403.x86_64",
+					"name":"botan2-debuginfo-2.19.3-3.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python3-botan2-2.19.3-3.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python3-botan2-2.19.3-3.oe2403.x86_64",
+					"name":"python3-botan2-2.19.3-3.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"botan2-2.19.3-3.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.x86_64",
+					"name":"botan2-2.19.3-3.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"botan2-debugsource-2.19.3-3.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:botan2-debugsource-2.19.3-3.oe2403.x86_64",
+					"name":"botan2-debugsource-2.19.3-3.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2024-34702",
+			"notes":[
+				{
+					"text":"Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters.  Prior to 3.5.0 and 2.19.5, checking name constraints in X.509 certificates is quadratic in the number of names and name constraints. An attacker who presented a certificate chain which contained a very large number of names in the SubjectAlternativeName, signed by a CA certificate which contained a large number of name constraints, could cause a denial of service. The problem has been addressed in Botan 3.5.0 and a partial backport has also been applied and is included in Botan 2.19.5.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-24.03-LTS:botan2-devel-2.19.3-3.oe2403.aarch64",
+					"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.aarch64",
+					"openEuler-24.03-LTS:botan2-debugsource-2.19.3-3.oe2403.aarch64",
+					"openEuler-24.03-LTS:python3-botan2-2.19.3-3.oe2403.aarch64",
+					"openEuler-24.03-LTS:botan2-debuginfo-2.19.3-3.oe2403.aarch64",
+					"openEuler-24.03-LTS:botan2-doc-2.19.3-3.oe2403.noarch",
+					"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.src",
+					"openEuler-24.03-LTS:botan2-devel-2.19.3-3.oe2403.x86_64",
+					"openEuler-24.03-LTS:botan2-debuginfo-2.19.3-3.oe2403.x86_64",
+					"openEuler-24.03-LTS:python3-botan2-2.19.3-3.oe2403.x86_64",
+					"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.x86_64",
+					"openEuler-24.03-LTS:botan2-debugsource-2.19.3-3.oe2403.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-24.03-LTS:botan2-devel-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:botan2-debugsource-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-botan2-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:botan2-debuginfo-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:botan2-doc-2.19.3-3.oe2403.noarch",
+						"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.src",
+						"openEuler-24.03-LTS:botan2-devel-2.19.3-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:botan2-debuginfo-2.19.3-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-botan2-2.19.3-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:botan2-debugsource-2.19.3-3.oe2403.x86_64"
+					],
+					"details":"botan2 security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1923"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":5.3,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-24.03-LTS:botan2-devel-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:botan2-debugsource-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-botan2-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:botan2-debuginfo-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:botan2-doc-2.19.3-3.oe2403.noarch",
+						"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.src",
+						"openEuler-24.03-LTS:botan2-devel-2.19.3-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:botan2-debuginfo-2.19.3-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-botan2-2.19.3-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:botan2-debugsource-2.19.3-3.oe2403.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-34702"
+		},
+		{
+			"cve":"CVE-2024-34703",
+			"notes":[
+				{
+					"text":"Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. Prior to versions 3.3.0 and 2.19.4, an attacker could present an ECDSA X.509 certificate using explicit encoding where the parameters are very large. The proof of concept used a 16Kbit prime for this purpose. When parsing, the parameter is checked to be prime, causing excessive computation. This was patched in 2.19.4 and 3.3.0 to allow the prime parameter of the elliptic curve to be at most 521 bits. No known workarounds are available. Note that support for explicit encoding of elliptic curve parameters is deprecated in Botan.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-24.03-LTS:botan2-devel-2.19.3-3.oe2403.aarch64",
+					"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.aarch64",
+					"openEuler-24.03-LTS:botan2-debugsource-2.19.3-3.oe2403.aarch64",
+					"openEuler-24.03-LTS:python3-botan2-2.19.3-3.oe2403.aarch64",
+					"openEuler-24.03-LTS:botan2-debuginfo-2.19.3-3.oe2403.aarch64",
+					"openEuler-24.03-LTS:botan2-doc-2.19.3-3.oe2403.noarch",
+					"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.src",
+					"openEuler-24.03-LTS:botan2-devel-2.19.3-3.oe2403.x86_64",
+					"openEuler-24.03-LTS:botan2-debuginfo-2.19.3-3.oe2403.x86_64",
+					"openEuler-24.03-LTS:python3-botan2-2.19.3-3.oe2403.x86_64",
+					"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.x86_64",
+					"openEuler-24.03-LTS:botan2-debugsource-2.19.3-3.oe2403.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-24.03-LTS:botan2-devel-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:botan2-debugsource-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-botan2-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:botan2-debuginfo-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:botan2-doc-2.19.3-3.oe2403.noarch",
+						"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.src",
+						"openEuler-24.03-LTS:botan2-devel-2.19.3-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:botan2-debuginfo-2.19.3-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-botan2-2.19.3-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:botan2-debugsource-2.19.3-3.oe2403.x86_64"
+					],
+					"details":"botan2 security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1923"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"HIGH",
+						"baseScore":7.5,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-24.03-LTS:botan2-devel-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:botan2-debugsource-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-botan2-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:botan2-debuginfo-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:botan2-doc-2.19.3-3.oe2403.noarch",
+						"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.src",
+						"openEuler-24.03-LTS:botan2-devel-2.19.3-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:botan2-debuginfo-2.19.3-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-botan2-2.19.3-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:botan2-debugsource-2.19.3-3.oe2403.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"High",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-34703"
+		},
+		{
+			"cve":"CVE-2024-39312",
+			"notes":[
+				{
+					"text":"Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. A bug in the parsing of name constraint extensions in X.509 certificates meant that if the extension included both permitted subtrees and excluded subtrees, only the permitted subtree would be checked. If a certificate included a name which was permitted by the permitted subtree but also excluded by excluded subtree, it would be accepted. Fixed in versions 3.5.0 and 2.19.5.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-24.03-LTS:botan2-devel-2.19.3-3.oe2403.aarch64",
+					"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.aarch64",
+					"openEuler-24.03-LTS:botan2-debugsource-2.19.3-3.oe2403.aarch64",
+					"openEuler-24.03-LTS:python3-botan2-2.19.3-3.oe2403.aarch64",
+					"openEuler-24.03-LTS:botan2-debuginfo-2.19.3-3.oe2403.aarch64",
+					"openEuler-24.03-LTS:botan2-doc-2.19.3-3.oe2403.noarch",
+					"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.src",
+					"openEuler-24.03-LTS:botan2-devel-2.19.3-3.oe2403.x86_64",
+					"openEuler-24.03-LTS:botan2-debuginfo-2.19.3-3.oe2403.x86_64",
+					"openEuler-24.03-LTS:python3-botan2-2.19.3-3.oe2403.x86_64",
+					"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.x86_64",
+					"openEuler-24.03-LTS:botan2-debugsource-2.19.3-3.oe2403.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-24.03-LTS:botan2-devel-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:botan2-debugsource-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-botan2-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:botan2-debuginfo-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:botan2-doc-2.19.3-3.oe2403.noarch",
+						"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.src",
+						"openEuler-24.03-LTS:botan2-devel-2.19.3-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:botan2-debuginfo-2.19.3-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-botan2-2.19.3-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:botan2-debugsource-2.19.3-3.oe2403.x86_64"
+					],
+					"details":"botan2 security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1923"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":5.3,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-24.03-LTS:botan2-devel-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:botan2-debugsource-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-botan2-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:botan2-debuginfo-2.19.3-3.oe2403.aarch64",
+						"openEuler-24.03-LTS:botan2-doc-2.19.3-3.oe2403.noarch",
+						"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.src",
+						"openEuler-24.03-LTS:botan2-devel-2.19.3-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:botan2-debuginfo-2.19.3-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-botan2-2.19.3-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:botan2-2.19.3-3.oe2403.x86_64",
+						"openEuler-24.03-LTS:botan2-debugsource-2.19.3-3.oe2403.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-39312"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1924.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1924.json
@ -0,0 +1,653 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"High"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"botan2 security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for botan2 is now available for openEuler-22.03-LTS-SP3.",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \\#10 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API reference, tutorial, and examples may help impart the flavor of the library. This is the current stable release branch 2.x of Botan.\n\nSecurity Fix(es):\n\nBotan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters.  Prior to 3.5.0 and 2.19.5, checking name constraints in X.509 certificates is quadratic in the number of names and name constraints. An attacker who presented a certificate chain which contained a very large number of names in the SubjectAlternativeName, signed by a CA certificate which contained a large number of name constraints, could cause a denial of service. The problem has been addressed in Botan 3.5.0 and a partial backport has also been applied and is included in Botan 2.19.5.(CVE-2024-34702)\n\nBotan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. Prior to versions 3.3.0 and 2.19.4, an attacker could present an ECDSA X.509 certificate using explicit encoding where the parameters are very large. The proof of concept used a 16Kbit prime for this purpose. When parsing, the parameter is checked to be prime, causing excessive computation. This was patched in 2.19.4 and 3.3.0 to allow the prime parameter of the elliptic curve to be at most 521 bits. No known workarounds are available. Note that support for explicit encoding of elliptic curve parameters is deprecated in Botan.\n(CVE-2024-34703)\n\nBotan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. A bug in the parsing of name constraint extensions in X.509 certificates meant that if the extension included both permitted subtrees and excluded subtrees, only the permitted subtree would be checked. If a certificate included a name which was permitted by the permitted subtree but also excluded by excluded subtree, it would be accepted. Fixed in versions 3.5.0 and 2.19.5.(CVE-2024-39312)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for botan2 is now available for openEuler-22.03-LTS-SP3.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"High",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"botan2",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1924",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/security-bulletins/detail?id=openEuler-SA-2024-1924"
+			},
+			{
+				"summary":"CVE-2024-34702",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-34702&packageName=botan2"
+			},
+			{
+				"summary":"CVE-2024-34703",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-34703&packageName=botan2"
+			},
+			{
+				"summary":"CVE-2024-39312",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-39312&packageName=botan2"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34702"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34703"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39312"
+			},
+			{
+				"summary":"openEuler-SA-2024-1924 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1924.json"
+			}
+		],
+		"title":"An update for botan2 is now available for openEuler-22.03-LTS-SP3",
+		"tracking":{
+			"initial_release_date":"2024-08-02T19:41:57+08:00",
+			"revision_history":[
+				{
+					"date":"2024-08-02T19:41:57+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				},
+        {
+					"date":"2024-08-05T11:30:57+08:00",
+					"summary":"final",
+					"number":"2.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-08-05T11:30:57+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-08-05T11:30:57+08:00",
+			"id":"openEuler-SA-2024-1924",
+			"version":"2.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"openEuler-22.03-LTS-SP3",
+									"name":"openEuler-22.03-LTS-SP3"
+								},
+								"name":"openEuler-22.03-LTS-SP3",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"botan2-2.19.3-3.oe2203sp3.aarch64.rpm",
+									"name":"botan2-2.19.3-3.oe2203sp3.aarch64.rpm"
+								},
+								"name":"botan2-2.19.3-3.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"python3-botan2-2.19.3-3.oe2203sp3.aarch64.rpm",
+									"name":"python3-botan2-2.19.3-3.oe2203sp3.aarch64.rpm"
+								},
+								"name":"python3-botan2-2.19.3-3.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"botan2-debugsource-2.19.3-3.oe2203sp3.aarch64.rpm",
+									"name":"botan2-debugsource-2.19.3-3.oe2203sp3.aarch64.rpm"
+								},
+								"name":"botan2-debugsource-2.19.3-3.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"botan2-devel-2.19.3-3.oe2203sp3.aarch64.rpm",
+									"name":"botan2-devel-2.19.3-3.oe2203sp3.aarch64.rpm"
+								},
+								"name":"botan2-devel-2.19.3-3.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"botan2-debuginfo-2.19.3-3.oe2203sp3.aarch64.rpm",
+									"name":"botan2-debuginfo-2.19.3-3.oe2203sp3.aarch64.rpm"
+								},
+								"name":"botan2-debuginfo-2.19.3-3.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"noarch",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"botan2-doc-2.19.3-3.oe2203sp3.noarch.rpm",
+									"name":"botan2-doc-2.19.3-3.oe2203sp3.noarch.rpm"
+								},
+								"name":"botan2-doc-2.19.3-3.oe2203sp3.noarch.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"botan2-2.19.3-3.oe2203sp3.src.rpm",
+									"name":"botan2-2.19.3-3.oe2203sp3.src.rpm"
+								},
+								"name":"botan2-2.19.3-3.oe2203sp3.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"python3-botan2-2.19.3-3.oe2203sp3.x86_64.rpm",
+									"name":"python3-botan2-2.19.3-3.oe2203sp3.x86_64.rpm"
+								},
+								"name":"python3-botan2-2.19.3-3.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"botan2-debugsource-2.19.3-3.oe2203sp3.x86_64.rpm",
+									"name":"botan2-debugsource-2.19.3-3.oe2203sp3.x86_64.rpm"
+								},
+								"name":"botan2-debugsource-2.19.3-3.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"botan2-debuginfo-2.19.3-3.oe2203sp3.x86_64.rpm",
+									"name":"botan2-debuginfo-2.19.3-3.oe2203sp3.x86_64.rpm"
+								},
+								"name":"botan2-debuginfo-2.19.3-3.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"botan2-2.19.3-3.oe2203sp3.x86_64.rpm",
+									"name":"botan2-2.19.3-3.oe2203sp3.x86_64.rpm"
+								},
+								"name":"botan2-2.19.3-3.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"botan2-devel-2.19.3-3.oe2203sp3.x86_64.rpm",
+									"name":"botan2-devel-2.19.3-3.oe2203sp3.x86_64.rpm"
+								},
+								"name":"botan2-devel-2.19.3-3.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"botan2-2.19.3-3.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.aarch64",
+					"name":"botan2-2.19.3-3.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"python3-botan2-2.19.3-3.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:python3-botan2-2.19.3-3.oe2203sp3.aarch64",
+					"name":"python3-botan2-2.19.3-3.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"botan2-debugsource-2.19.3-3.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:botan2-debugsource-2.19.3-3.oe2203sp3.aarch64",
+					"name":"botan2-debugsource-2.19.3-3.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"botan2-devel-2.19.3-3.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:botan2-devel-2.19.3-3.oe2203sp3.aarch64",
+					"name":"botan2-devel-2.19.3-3.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"botan2-debuginfo-2.19.3-3.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:botan2-debuginfo-2.19.3-3.oe2203sp3.aarch64",
+					"name":"botan2-debuginfo-2.19.3-3.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"botan2-doc-2.19.3-3.oe2203sp3.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:botan2-doc-2.19.3-3.oe2203sp3.noarch",
+					"name":"botan2-doc-2.19.3-3.oe2203sp3.noarch as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"botan2-2.19.3-3.oe2203sp3.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.src",
+					"name":"botan2-2.19.3-3.oe2203sp3.src as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"python3-botan2-2.19.3-3.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:python3-botan2-2.19.3-3.oe2203sp3.x86_64",
+					"name":"python3-botan2-2.19.3-3.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"botan2-debugsource-2.19.3-3.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:botan2-debugsource-2.19.3-3.oe2203sp3.x86_64",
+					"name":"botan2-debugsource-2.19.3-3.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"botan2-debuginfo-2.19.3-3.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:botan2-debuginfo-2.19.3-3.oe2203sp3.x86_64",
+					"name":"botan2-debuginfo-2.19.3-3.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"botan2-2.19.3-3.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.x86_64",
+					"name":"botan2-2.19.3-3.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"botan2-devel-2.19.3-3.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:botan2-devel-2.19.3-3.oe2203sp3.x86_64",
+					"name":"botan2-devel-2.19.3-3.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2024-34702",
+			"notes":[
+				{
+					"text":"Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters.  Prior to 3.5.0 and 2.19.5, checking name constraints in X.509 certificates is quadratic in the number of names and name constraints. An attacker who presented a certificate chain which contained a very large number of names in the SubjectAlternativeName, signed by a CA certificate which contained a large number of name constraints, could cause a denial of service. The problem has been addressed in Botan 3.5.0 and a partial backport has also been applied and is included in Botan 2.19.5.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:python3-botan2-2.19.3-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:botan2-debugsource-2.19.3-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:botan2-devel-2.19.3-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:botan2-debuginfo-2.19.3-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:botan2-doc-2.19.3-3.oe2203sp3.noarch",
+					"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.src",
+					"openEuler-22.03-LTS-SP3:python3-botan2-2.19.3-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:botan2-debugsource-2.19.3-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:botan2-debuginfo-2.19.3-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:botan2-devel-2.19.3-3.oe2203sp3.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:python3-botan2-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:botan2-debugsource-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:botan2-devel-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:botan2-debuginfo-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:botan2-doc-2.19.3-3.oe2203sp3.noarch",
+						"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:python3-botan2-2.19.3-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:botan2-debugsource-2.19.3-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:botan2-debuginfo-2.19.3-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:botan2-devel-2.19.3-3.oe2203sp3.x86_64"
+					],
+					"details":"botan2 security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1924"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":5.3,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:python3-botan2-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:botan2-debugsource-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:botan2-devel-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:botan2-debuginfo-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:botan2-doc-2.19.3-3.oe2203sp3.noarch",
+						"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:python3-botan2-2.19.3-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:botan2-debugsource-2.19.3-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:botan2-debuginfo-2.19.3-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:botan2-devel-2.19.3-3.oe2203sp3.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-34702"
+		},
+		{
+			"cve":"CVE-2024-34703",
+			"notes":[
+				{
+					"text":"Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. Prior to versions 3.3.0 and 2.19.4, an attacker could present an ECDSA X.509 certificate using explicit encoding where the parameters are very large. The proof of concept used a 16Kbit prime for this purpose. When parsing, the parameter is checked to be prime, causing excessive computation. This was patched in 2.19.4 and 3.3.0 to allow the prime parameter of the elliptic curve to be at most 521 bits. No known workarounds are available. Note that support for explicit encoding of elliptic curve parameters is deprecated in Botan.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:python3-botan2-2.19.3-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:botan2-debugsource-2.19.3-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:botan2-devel-2.19.3-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:botan2-debuginfo-2.19.3-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:botan2-doc-2.19.3-3.oe2203sp3.noarch",
+					"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.src",
+					"openEuler-22.03-LTS-SP3:python3-botan2-2.19.3-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:botan2-debugsource-2.19.3-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:botan2-debuginfo-2.19.3-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:botan2-devel-2.19.3-3.oe2203sp3.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:python3-botan2-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:botan2-debugsource-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:botan2-devel-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:botan2-debuginfo-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:botan2-doc-2.19.3-3.oe2203sp3.noarch",
+						"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:python3-botan2-2.19.3-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:botan2-debugsource-2.19.3-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:botan2-debuginfo-2.19.3-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:botan2-devel-2.19.3-3.oe2203sp3.x86_64"
+					],
+					"details":"botan2 security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1924"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"HIGH",
+						"baseScore":7.5,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:python3-botan2-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:botan2-debugsource-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:botan2-devel-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:botan2-debuginfo-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:botan2-doc-2.19.3-3.oe2203sp3.noarch",
+						"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:python3-botan2-2.19.3-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:botan2-debugsource-2.19.3-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:botan2-debuginfo-2.19.3-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:botan2-devel-2.19.3-3.oe2203sp3.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"High",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-34703"
+		},
+		{
+			"cve":"CVE-2024-39312",
+			"notes":[
+				{
+					"text":"Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. A bug in the parsing of name constraint extensions in X.509 certificates meant that if the extension included both permitted subtrees and excluded subtrees, only the permitted subtree would be checked. If a certificate included a name which was permitted by the permitted subtree but also excluded by excluded subtree, it would be accepted. Fixed in versions 3.5.0 and 2.19.5.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:python3-botan2-2.19.3-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:botan2-debugsource-2.19.3-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:botan2-devel-2.19.3-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:botan2-debuginfo-2.19.3-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:botan2-doc-2.19.3-3.oe2203sp3.noarch",
+					"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.src",
+					"openEuler-22.03-LTS-SP3:python3-botan2-2.19.3-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:botan2-debugsource-2.19.3-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:botan2-debuginfo-2.19.3-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:botan2-devel-2.19.3-3.oe2203sp3.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:python3-botan2-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:botan2-debugsource-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:botan2-devel-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:botan2-debuginfo-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:botan2-doc-2.19.3-3.oe2203sp3.noarch",
+						"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:python3-botan2-2.19.3-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:botan2-debugsource-2.19.3-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:botan2-debuginfo-2.19.3-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:botan2-devel-2.19.3-3.oe2203sp3.x86_64"
+					],
+					"details":"botan2 security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1924"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":5.3,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:python3-botan2-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:botan2-debugsource-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:botan2-devel-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:botan2-debuginfo-2.19.3-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:botan2-doc-2.19.3-3.oe2203sp3.noarch",
+						"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:python3-botan2-2.19.3-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:botan2-debugsource-2.19.3-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:botan2-debuginfo-2.19.3-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:botan2-2.19.3-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:botan2-devel-2.19.3-3.oe2203sp3.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-39312"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1925.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1925.json
@ -0,0 +1,653 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"High"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"botan2 security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for botan2 is now available for openEuler-22.03-LTS-SP4.",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \\#10 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API reference, tutorial, and examples may help impart the flavor of the library. This is the current stable release branch 2.x of Botan.\n\nSecurity Fix(es):\n\nBotan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters.  Prior to 3.5.0 and 2.19.5, checking name constraints in X.509 certificates is quadratic in the number of names and name constraints. An attacker who presented a certificate chain which contained a very large number of names in the SubjectAlternativeName, signed by a CA certificate which contained a large number of name constraints, could cause a denial of service. The problem has been addressed in Botan 3.5.0 and a partial backport has also been applied and is included in Botan 2.19.5.(CVE-2024-34702)\n\nBotan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. Prior to versions 3.3.0 and 2.19.4, an attacker could present an ECDSA X.509 certificate using explicit encoding where the parameters are very large. The proof of concept used a 16Kbit prime for this purpose. When parsing, the parameter is checked to be prime, causing excessive computation. This was patched in 2.19.4 and 3.3.0 to allow the prime parameter of the elliptic curve to be at most 521 bits. No known workarounds are available. Note that support for explicit encoding of elliptic curve parameters is deprecated in Botan.\n(CVE-2024-34703)\n\nBotan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. A bug in the parsing of name constraint extensions in X.509 certificates meant that if the extension included both permitted subtrees and excluded subtrees, only the permitted subtree would be checked. If a certificate included a name which was permitted by the permitted subtree but also excluded by excluded subtree, it would be accepted. Fixed in versions 3.5.0 and 2.19.5.(CVE-2024-39312)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for botan2 is now available for openEuler-22.03-LTS-SP4.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"High",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"botan2",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1925",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/security-bulletins/detail?id=openEuler-SA-2024-1925"
+			},
+			{
+				"summary":"CVE-2024-34702",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-34702&packageName=botan2"
+			},
+			{
+				"summary":"CVE-2024-34703",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-34703&packageName=botan2"
+			},
+			{
+				"summary":"CVE-2024-39312",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-39312&packageName=botan2"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34702"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34703"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39312"
+			},
+			{
+				"summary":"openEuler-SA-2024-1925 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1925.json"
+			}
+		],
+		"title":"An update for botan2 is now available for openEuler-22.03-LTS-SP4",
+		"tracking":{
+			"initial_release_date":"2024-08-02T19:41:59+08:00",
+			"revision_history":[
+				{
+					"date":"2024-08-02T19:41:59+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				},
+        {
+					"date":"2024-08-05T11:30:59+08:00",
+					"summary":"final",
+					"number":"2.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-08-05T11:30:59+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-08-05T11:30:59+08:00",
+			"id":"openEuler-SA-2024-1925",
+			"version":"2.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"openEuler-22.03-LTS-SP4",
+									"name":"openEuler-22.03-LTS-SP4"
+								},
+								"name":"openEuler-22.03-LTS-SP4",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"python3-botan2-2.19.3-3.oe2203sp4.aarch64.rpm",
+									"name":"python3-botan2-2.19.3-3.oe2203sp4.aarch64.rpm"
+								},
+								"name":"python3-botan2-2.19.3-3.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"botan2-2.19.3-3.oe2203sp4.aarch64.rpm",
+									"name":"botan2-2.19.3-3.oe2203sp4.aarch64.rpm"
+								},
+								"name":"botan2-2.19.3-3.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"botan2-debugsource-2.19.3-3.oe2203sp4.aarch64.rpm",
+									"name":"botan2-debugsource-2.19.3-3.oe2203sp4.aarch64.rpm"
+								},
+								"name":"botan2-debugsource-2.19.3-3.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"botan2-devel-2.19.3-3.oe2203sp4.aarch64.rpm",
+									"name":"botan2-devel-2.19.3-3.oe2203sp4.aarch64.rpm"
+								},
+								"name":"botan2-devel-2.19.3-3.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"botan2-debuginfo-2.19.3-3.oe2203sp4.aarch64.rpm",
+									"name":"botan2-debuginfo-2.19.3-3.oe2203sp4.aarch64.rpm"
+								},
+								"name":"botan2-debuginfo-2.19.3-3.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"noarch",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"botan2-doc-2.19.3-3.oe2203sp4.noarch.rpm",
+									"name":"botan2-doc-2.19.3-3.oe2203sp4.noarch.rpm"
+								},
+								"name":"botan2-doc-2.19.3-3.oe2203sp4.noarch.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"botan2-2.19.3-3.oe2203sp4.src.rpm",
+									"name":"botan2-2.19.3-3.oe2203sp4.src.rpm"
+								},
+								"name":"botan2-2.19.3-3.oe2203sp4.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"botan2-debugsource-2.19.3-3.oe2203sp4.x86_64.rpm",
+									"name":"botan2-debugsource-2.19.3-3.oe2203sp4.x86_64.rpm"
+								},
+								"name":"botan2-debugsource-2.19.3-3.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"botan2-debuginfo-2.19.3-3.oe2203sp4.x86_64.rpm",
+									"name":"botan2-debuginfo-2.19.3-3.oe2203sp4.x86_64.rpm"
+								},
+								"name":"botan2-debuginfo-2.19.3-3.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"botan2-2.19.3-3.oe2203sp4.x86_64.rpm",
+									"name":"botan2-2.19.3-3.oe2203sp4.x86_64.rpm"
+								},
+								"name":"botan2-2.19.3-3.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"python3-botan2-2.19.3-3.oe2203sp4.x86_64.rpm",
+									"name":"python3-botan2-2.19.3-3.oe2203sp4.x86_64.rpm"
+								},
+								"name":"python3-botan2-2.19.3-3.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"botan2-devel-2.19.3-3.oe2203sp4.x86_64.rpm",
+									"name":"botan2-devel-2.19.3-3.oe2203sp4.x86_64.rpm"
+								},
+								"name":"botan2-devel-2.19.3-3.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"python3-botan2-2.19.3-3.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:python3-botan2-2.19.3-3.oe2203sp4.aarch64",
+					"name":"python3-botan2-2.19.3-3.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"botan2-2.19.3-3.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.aarch64",
+					"name":"botan2-2.19.3-3.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"botan2-debugsource-2.19.3-3.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:botan2-debugsource-2.19.3-3.oe2203sp4.aarch64",
+					"name":"botan2-debugsource-2.19.3-3.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"botan2-devel-2.19.3-3.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:botan2-devel-2.19.3-3.oe2203sp4.aarch64",
+					"name":"botan2-devel-2.19.3-3.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"botan2-debuginfo-2.19.3-3.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:botan2-debuginfo-2.19.3-3.oe2203sp4.aarch64",
+					"name":"botan2-debuginfo-2.19.3-3.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"botan2-doc-2.19.3-3.oe2203sp4.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:botan2-doc-2.19.3-3.oe2203sp4.noarch",
+					"name":"botan2-doc-2.19.3-3.oe2203sp4.noarch as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"botan2-2.19.3-3.oe2203sp4.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.src",
+					"name":"botan2-2.19.3-3.oe2203sp4.src as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"botan2-debugsource-2.19.3-3.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:botan2-debugsource-2.19.3-3.oe2203sp4.x86_64",
+					"name":"botan2-debugsource-2.19.3-3.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"botan2-debuginfo-2.19.3-3.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:botan2-debuginfo-2.19.3-3.oe2203sp4.x86_64",
+					"name":"botan2-debuginfo-2.19.3-3.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"botan2-2.19.3-3.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.x86_64",
+					"name":"botan2-2.19.3-3.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"python3-botan2-2.19.3-3.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:python3-botan2-2.19.3-3.oe2203sp4.x86_64",
+					"name":"python3-botan2-2.19.3-3.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"botan2-devel-2.19.3-3.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:botan2-devel-2.19.3-3.oe2203sp4.x86_64",
+					"name":"botan2-devel-2.19.3-3.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2024-34702",
+			"notes":[
+				{
+					"text":"Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters.  Prior to 3.5.0 and 2.19.5, checking name constraints in X.509 certificates is quadratic in the number of names and name constraints. An attacker who presented a certificate chain which contained a very large number of names in the SubjectAlternativeName, signed by a CA certificate which contained a large number of name constraints, could cause a denial of service. The problem has been addressed in Botan 3.5.0 and a partial backport has also been applied and is included in Botan 2.19.5.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP4:python3-botan2-2.19.3-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:botan2-debugsource-2.19.3-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:botan2-devel-2.19.3-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:botan2-debuginfo-2.19.3-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:botan2-doc-2.19.3-3.oe2203sp4.noarch",
+					"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.src",
+					"openEuler-22.03-LTS-SP4:botan2-debugsource-2.19.3-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:botan2-debuginfo-2.19.3-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:python3-botan2-2.19.3-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:botan2-devel-2.19.3-3.oe2203sp4.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP4:python3-botan2-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-debugsource-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-devel-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-debuginfo-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-doc-2.19.3-3.oe2203sp4.noarch",
+						"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.src",
+						"openEuler-22.03-LTS-SP4:botan2-debugsource-2.19.3-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:botan2-debuginfo-2.19.3-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:python3-botan2-2.19.3-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:botan2-devel-2.19.3-3.oe2203sp4.x86_64"
+					],
+					"details":"botan2 security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1925"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":5.3,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP4:python3-botan2-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-debugsource-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-devel-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-debuginfo-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-doc-2.19.3-3.oe2203sp4.noarch",
+						"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.src",
+						"openEuler-22.03-LTS-SP4:botan2-debugsource-2.19.3-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:botan2-debuginfo-2.19.3-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:python3-botan2-2.19.3-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:botan2-devel-2.19.3-3.oe2203sp4.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-34702"
+		},
+		{
+			"cve":"CVE-2024-34703",
+			"notes":[
+				{
+					"text":"Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. Prior to versions 3.3.0 and 2.19.4, an attacker could present an ECDSA X.509 certificate using explicit encoding where the parameters are very large. The proof of concept used a 16Kbit prime for this purpose. When parsing, the parameter is checked to be prime, causing excessive computation. This was patched in 2.19.4 and 3.3.0 to allow the prime parameter of the elliptic curve to be at most 521 bits. No known workarounds are available. Note that support for explicit encoding of elliptic curve parameters is deprecated in Botan.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP4:python3-botan2-2.19.3-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:botan2-debugsource-2.19.3-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:botan2-devel-2.19.3-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:botan2-debuginfo-2.19.3-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:botan2-doc-2.19.3-3.oe2203sp4.noarch",
+					"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.src",
+					"openEuler-22.03-LTS-SP4:botan2-debugsource-2.19.3-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:botan2-debuginfo-2.19.3-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:python3-botan2-2.19.3-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:botan2-devel-2.19.3-3.oe2203sp4.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP4:python3-botan2-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-debugsource-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-devel-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-debuginfo-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-doc-2.19.3-3.oe2203sp4.noarch",
+						"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.src",
+						"openEuler-22.03-LTS-SP4:botan2-debugsource-2.19.3-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:botan2-debuginfo-2.19.3-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:python3-botan2-2.19.3-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:botan2-devel-2.19.3-3.oe2203sp4.x86_64"
+					],
+					"details":"botan2 security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1925"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"HIGH",
+						"baseScore":7.5,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP4:python3-botan2-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-debugsource-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-devel-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-debuginfo-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-doc-2.19.3-3.oe2203sp4.noarch",
+						"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.src",
+						"openEuler-22.03-LTS-SP4:botan2-debugsource-2.19.3-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:botan2-debuginfo-2.19.3-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:python3-botan2-2.19.3-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:botan2-devel-2.19.3-3.oe2203sp4.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"High",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-34703"
+		},
+		{
+			"cve":"CVE-2024-39312",
+			"notes":[
+				{
+					"text":"Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. A bug in the parsing of name constraint extensions in X.509 certificates meant that if the extension included both permitted subtrees and excluded subtrees, only the permitted subtree would be checked. If a certificate included a name which was permitted by the permitted subtree but also excluded by excluded subtree, it would be accepted. Fixed in versions 3.5.0 and 2.19.5.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP4:python3-botan2-2.19.3-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:botan2-debugsource-2.19.3-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:botan2-devel-2.19.3-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:botan2-debuginfo-2.19.3-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:botan2-doc-2.19.3-3.oe2203sp4.noarch",
+					"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.src",
+					"openEuler-22.03-LTS-SP4:botan2-debugsource-2.19.3-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:botan2-debuginfo-2.19.3-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:python3-botan2-2.19.3-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:botan2-devel-2.19.3-3.oe2203sp4.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP4:python3-botan2-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-debugsource-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-devel-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-debuginfo-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-doc-2.19.3-3.oe2203sp4.noarch",
+						"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.src",
+						"openEuler-22.03-LTS-SP4:botan2-debugsource-2.19.3-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:botan2-debuginfo-2.19.3-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:python3-botan2-2.19.3-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:botan2-devel-2.19.3-3.oe2203sp4.x86_64"
+					],
+					"details":"botan2 security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1925"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":5.3,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP4:python3-botan2-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-debugsource-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-devel-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-debuginfo-2.19.3-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:botan2-doc-2.19.3-3.oe2203sp4.noarch",
+						"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.src",
+						"openEuler-22.03-LTS-SP4:botan2-debugsource-2.19.3-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:botan2-debuginfo-2.19.3-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:botan2-2.19.3-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:python3-botan2-2.19.3-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:botan2-devel-2.19.3-3.oe2203sp4.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-39312"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1926.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1926.json
@ -0,0 +1,689 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"High"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"exim security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for exim is now available for openEuler-22.03-LTS-SP3.",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"Exim is a message transfer agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal of flexibility in the way mail can be routed, and there are extensive facilities for checking incoming mail. Exim can be installed in place of sendmail, although the configuration of exim is quite different to that of sendmail.\n\nSecurity Fix(es):\n\nA vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to apply a patch to fix this issue. The identifier VDB-211073 was assigned to this vulnerability.(CVE-2022-3559)\n\nExim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not.(CVE-2023-51766)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for exim is now available for openEuler-22.03-LTS-SP3.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"High",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"exim",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1926",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/security-bulletins/detail?id=openEuler-SA-2024-1926"
+			},
+			{
+				"summary":"CVE-2022-3559",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-3559&packageName=exim"
+			},
+			{
+				"summary":"CVE-2023-51766",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-51766&packageName=exim"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3559"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-51766"
+			},
+			{
+				"summary":"openEuler-SA-2024-1926 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1926.json"
+			}
+		],
+		"title":"An update for exim is now available for openEuler-22.03-LTS-SP3",
+		"tracking":{
+			"initial_release_date":"2024-08-02T19:42:00+08:00",
+			"revision_history":[
+				{
+					"date":"2024-08-02T19:42:00+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				},
+        {
+					"date":"2024-08-05T11:31:00+08:00",
+					"summary":"final",
+					"number":"2.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-08-05T11:31:00+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-08-05T11:31:00+08:00",
+			"id":"openEuler-SA-2024-1926",
+			"version":"2.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"openEuler-22.03-LTS-SP3",
+									"name":"openEuler-22.03-LTS-SP3"
+								},
+								"name":"openEuler-22.03-LTS-SP3",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"exim-debuginfo-4.96-3.oe2203sp3.aarch64.rpm",
+									"name":"exim-debuginfo-4.96-3.oe2203sp3.aarch64.rpm"
+								},
+								"name":"exim-debuginfo-4.96-3.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"exim-greylist-4.96-3.oe2203sp3.aarch64.rpm",
+									"name":"exim-greylist-4.96-3.oe2203sp3.aarch64.rpm"
+								},
+								"name":"exim-greylist-4.96-3.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"exim-mysql-4.96-3.oe2203sp3.aarch64.rpm",
+									"name":"exim-mysql-4.96-3.oe2203sp3.aarch64.rpm"
+								},
+								"name":"exim-mysql-4.96-3.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"exim-clamav-4.96-3.oe2203sp3.aarch64.rpm",
+									"name":"exim-clamav-4.96-3.oe2203sp3.aarch64.rpm"
+								},
+								"name":"exim-clamav-4.96-3.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"exim-debugsource-4.96-3.oe2203sp3.aarch64.rpm",
+									"name":"exim-debugsource-4.96-3.oe2203sp3.aarch64.rpm"
+								},
+								"name":"exim-debugsource-4.96-3.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"exim-4.96-3.oe2203sp3.aarch64.rpm",
+									"name":"exim-4.96-3.oe2203sp3.aarch64.rpm"
+								},
+								"name":"exim-4.96-3.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"exim-mon-4.96-3.oe2203sp3.aarch64.rpm",
+									"name":"exim-mon-4.96-3.oe2203sp3.aarch64.rpm"
+								},
+								"name":"exim-mon-4.96-3.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"exim-pgsql-4.96-3.oe2203sp3.aarch64.rpm",
+									"name":"exim-pgsql-4.96-3.oe2203sp3.aarch64.rpm"
+								},
+								"name":"exim-pgsql-4.96-3.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"exim-4.96-3.oe2203sp3.src.rpm",
+									"name":"exim-4.96-3.oe2203sp3.src.rpm"
+								},
+								"name":"exim-4.96-3.oe2203sp3.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"exim-mon-4.96-3.oe2203sp3.x86_64.rpm",
+									"name":"exim-mon-4.96-3.oe2203sp3.x86_64.rpm"
+								},
+								"name":"exim-mon-4.96-3.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"exim-greylist-4.96-3.oe2203sp3.x86_64.rpm",
+									"name":"exim-greylist-4.96-3.oe2203sp3.x86_64.rpm"
+								},
+								"name":"exim-greylist-4.96-3.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"exim-pgsql-4.96-3.oe2203sp3.x86_64.rpm",
+									"name":"exim-pgsql-4.96-3.oe2203sp3.x86_64.rpm"
+								},
+								"name":"exim-pgsql-4.96-3.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"exim-debugsource-4.96-3.oe2203sp3.x86_64.rpm",
+									"name":"exim-debugsource-4.96-3.oe2203sp3.x86_64.rpm"
+								},
+								"name":"exim-debugsource-4.96-3.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"exim-mysql-4.96-3.oe2203sp3.x86_64.rpm",
+									"name":"exim-mysql-4.96-3.oe2203sp3.x86_64.rpm"
+								},
+								"name":"exim-mysql-4.96-3.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"exim-debuginfo-4.96-3.oe2203sp3.x86_64.rpm",
+									"name":"exim-debuginfo-4.96-3.oe2203sp3.x86_64.rpm"
+								},
+								"name":"exim-debuginfo-4.96-3.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"exim-clamav-4.96-3.oe2203sp3.x86_64.rpm",
+									"name":"exim-clamav-4.96-3.oe2203sp3.x86_64.rpm"
+								},
+								"name":"exim-clamav-4.96-3.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"exim-4.96-3.oe2203sp3.x86_64.rpm",
+									"name":"exim-4.96-3.oe2203sp3.x86_64.rpm"
+								},
+								"name":"exim-4.96-3.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"exim-debuginfo-4.96-3.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:exim-debuginfo-4.96-3.oe2203sp3.aarch64",
+					"name":"exim-debuginfo-4.96-3.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"exim-greylist-4.96-3.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:exim-greylist-4.96-3.oe2203sp3.aarch64",
+					"name":"exim-greylist-4.96-3.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"exim-mysql-4.96-3.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:exim-mysql-4.96-3.oe2203sp3.aarch64",
+					"name":"exim-mysql-4.96-3.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"exim-clamav-4.96-3.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:exim-clamav-4.96-3.oe2203sp3.aarch64",
+					"name":"exim-clamav-4.96-3.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"exim-debugsource-4.96-3.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:exim-debugsource-4.96-3.oe2203sp3.aarch64",
+					"name":"exim-debugsource-4.96-3.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"exim-4.96-3.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:exim-4.96-3.oe2203sp3.aarch64",
+					"name":"exim-4.96-3.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"exim-mon-4.96-3.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:exim-mon-4.96-3.oe2203sp3.aarch64",
+					"name":"exim-mon-4.96-3.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"exim-pgsql-4.96-3.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:exim-pgsql-4.96-3.oe2203sp3.aarch64",
+					"name":"exim-pgsql-4.96-3.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"exim-4.96-3.oe2203sp3.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:exim-4.96-3.oe2203sp3.src",
+					"name":"exim-4.96-3.oe2203sp3.src as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"exim-mon-4.96-3.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:exim-mon-4.96-3.oe2203sp3.x86_64",
+					"name":"exim-mon-4.96-3.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"exim-greylist-4.96-3.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:exim-greylist-4.96-3.oe2203sp3.x86_64",
+					"name":"exim-greylist-4.96-3.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"exim-pgsql-4.96-3.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:exim-pgsql-4.96-3.oe2203sp3.x86_64",
+					"name":"exim-pgsql-4.96-3.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"exim-debugsource-4.96-3.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:exim-debugsource-4.96-3.oe2203sp3.x86_64",
+					"name":"exim-debugsource-4.96-3.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"exim-mysql-4.96-3.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:exim-mysql-4.96-3.oe2203sp3.x86_64",
+					"name":"exim-mysql-4.96-3.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"exim-debuginfo-4.96-3.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:exim-debuginfo-4.96-3.oe2203sp3.x86_64",
+					"name":"exim-debuginfo-4.96-3.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"exim-clamav-4.96-3.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:exim-clamav-4.96-3.oe2203sp3.x86_64",
+					"name":"exim-clamav-4.96-3.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"exim-4.96-3.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:exim-4.96-3.oe2203sp3.x86_64",
+					"name":"exim-4.96-3.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2022-3559",
+			"notes":[
+				{
+					"text":"A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to apply a patch to fix this issue. The identifier VDB-211073 was assigned to this vulnerability.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP3:exim-debuginfo-4.96-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:exim-greylist-4.96-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:exim-mysql-4.96-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:exim-clamav-4.96-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:exim-debugsource-4.96-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:exim-4.96-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:exim-mon-4.96-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:exim-pgsql-4.96-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:exim-4.96-3.oe2203sp3.src",
+					"openEuler-22.03-LTS-SP3:exim-mon-4.96-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:exim-greylist-4.96-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:exim-pgsql-4.96-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:exim-debugsource-4.96-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:exim-mysql-4.96-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:exim-debuginfo-4.96-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:exim-clamav-4.96-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:exim-4.96-3.oe2203sp3.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP3:exim-debuginfo-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-greylist-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-mysql-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-clamav-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-debugsource-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-mon-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-pgsql-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-4.96-3.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:exim-mon-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-greylist-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-pgsql-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-debugsource-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-mysql-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-debuginfo-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-clamav-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-4.96-3.oe2203sp3.x86_64"
+					],
+					"details":"exim security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1926"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"HIGH",
+						"baseScore":7.5,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP3:exim-debuginfo-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-greylist-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-mysql-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-clamav-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-debugsource-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-mon-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-pgsql-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-4.96-3.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:exim-mon-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-greylist-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-pgsql-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-debugsource-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-mysql-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-debuginfo-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-clamav-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-4.96-3.oe2203sp3.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"High",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2022-3559"
+		},
+		{
+			"cve":"CVE-2023-51766",
+			"notes":[
+				{
+					"text":"Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP3:exim-debuginfo-4.96-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:exim-greylist-4.96-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:exim-mysql-4.96-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:exim-clamav-4.96-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:exim-debugsource-4.96-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:exim-4.96-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:exim-mon-4.96-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:exim-pgsql-4.96-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:exim-4.96-3.oe2203sp3.src",
+					"openEuler-22.03-LTS-SP3:exim-mon-4.96-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:exim-greylist-4.96-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:exim-pgsql-4.96-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:exim-debugsource-4.96-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:exim-mysql-4.96-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:exim-debuginfo-4.96-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:exim-clamav-4.96-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:exim-4.96-3.oe2203sp3.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP3:exim-debuginfo-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-greylist-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-mysql-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-clamav-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-debugsource-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-mon-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-pgsql-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-4.96-3.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:exim-mon-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-greylist-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-pgsql-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-debugsource-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-mysql-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-debuginfo-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-clamav-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-4.96-3.oe2203sp3.x86_64"
+					],
+					"details":"exim security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1926"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":5.3,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP3:exim-debuginfo-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-greylist-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-mysql-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-clamav-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-debugsource-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-mon-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-pgsql-4.96-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:exim-4.96-3.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:exim-mon-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-greylist-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-pgsql-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-debugsource-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-mysql-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-debuginfo-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-clamav-4.96-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:exim-4.96-3.oe2203sp3.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2023-51766"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1927.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1927.json
@ -0,0 +1,689 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"High"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"exim security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for exim is now available for openEuler-22.03-LTS-SP4.",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"Exim is a message transfer agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal of flexibility in the way mail can be routed, and there are extensive facilities for checking incoming mail. Exim can be installed in place of sendmail, although the configuration of exim is quite different to that of sendmail.\n\nSecurity Fix(es):\n\nA vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to apply a patch to fix this issue. The identifier VDB-211073 was assigned to this vulnerability.(CVE-2022-3559)\n\nExim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not.(CVE-2023-51766)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for exim is now available for openEuler-22.03-LTS-SP4.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"High",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"exim",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1927",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/security-bulletins/detail?id=openEuler-SA-2024-1927"
+			},
+			{
+				"summary":"CVE-2022-3559",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-3559&packageName=exim"
+			},
+			{
+				"summary":"CVE-2023-51766",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-51766&packageName=exim"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3559"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-51766"
+			},
+			{
+				"summary":"openEuler-SA-2024-1927 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1927.json"
+			}
+		],
+		"title":"An update for exim is now available for openEuler-22.03-LTS-SP4",
+		"tracking":{
+			"initial_release_date":"2024-08-02T19:42:01+08:00",
+			"revision_history":[
+				{
+					"date":"2024-08-02T19:42:01+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				},
+        {
+					"date":"2024-08-05T11:31:01+08:00",
+					"summary":"final",
+					"number":"2.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-08-05T11:31:01+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-08-05T11:31:01+08:00",
+			"id":"openEuler-SA-2024-1927",
+			"version":"2.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"openEuler-22.03-LTS-SP4",
+									"name":"openEuler-22.03-LTS-SP4"
+								},
+								"name":"openEuler-22.03-LTS-SP4",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"exim-debugsource-4.96-3.oe2203sp4.aarch64.rpm",
+									"name":"exim-debugsource-4.96-3.oe2203sp4.aarch64.rpm"
+								},
+								"name":"exim-debugsource-4.96-3.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"exim-4.96-3.oe2203sp4.aarch64.rpm",
+									"name":"exim-4.96-3.oe2203sp4.aarch64.rpm"
+								},
+								"name":"exim-4.96-3.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"exim-clamav-4.96-3.oe2203sp4.aarch64.rpm",
+									"name":"exim-clamav-4.96-3.oe2203sp4.aarch64.rpm"
+								},
+								"name":"exim-clamav-4.96-3.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"exim-pgsql-4.96-3.oe2203sp4.aarch64.rpm",
+									"name":"exim-pgsql-4.96-3.oe2203sp4.aarch64.rpm"
+								},
+								"name":"exim-pgsql-4.96-3.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"exim-mon-4.96-3.oe2203sp4.aarch64.rpm",
+									"name":"exim-mon-4.96-3.oe2203sp4.aarch64.rpm"
+								},
+								"name":"exim-mon-4.96-3.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"exim-debuginfo-4.96-3.oe2203sp4.aarch64.rpm",
+									"name":"exim-debuginfo-4.96-3.oe2203sp4.aarch64.rpm"
+								},
+								"name":"exim-debuginfo-4.96-3.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"exim-mysql-4.96-3.oe2203sp4.aarch64.rpm",
+									"name":"exim-mysql-4.96-3.oe2203sp4.aarch64.rpm"
+								},
+								"name":"exim-mysql-4.96-3.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"exim-greylist-4.96-3.oe2203sp4.aarch64.rpm",
+									"name":"exim-greylist-4.96-3.oe2203sp4.aarch64.rpm"
+								},
+								"name":"exim-greylist-4.96-3.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"exim-4.96-3.oe2203sp4.src.rpm",
+									"name":"exim-4.96-3.oe2203sp4.src.rpm"
+								},
+								"name":"exim-4.96-3.oe2203sp4.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"exim-debugsource-4.96-3.oe2203sp4.x86_64.rpm",
+									"name":"exim-debugsource-4.96-3.oe2203sp4.x86_64.rpm"
+								},
+								"name":"exim-debugsource-4.96-3.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"exim-mysql-4.96-3.oe2203sp4.x86_64.rpm",
+									"name":"exim-mysql-4.96-3.oe2203sp4.x86_64.rpm"
+								},
+								"name":"exim-mysql-4.96-3.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"exim-clamav-4.96-3.oe2203sp4.x86_64.rpm",
+									"name":"exim-clamav-4.96-3.oe2203sp4.x86_64.rpm"
+								},
+								"name":"exim-clamav-4.96-3.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"exim-4.96-3.oe2203sp4.x86_64.rpm",
+									"name":"exim-4.96-3.oe2203sp4.x86_64.rpm"
+								},
+								"name":"exim-4.96-3.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"exim-pgsql-4.96-3.oe2203sp4.x86_64.rpm",
+									"name":"exim-pgsql-4.96-3.oe2203sp4.x86_64.rpm"
+								},
+								"name":"exim-pgsql-4.96-3.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"exim-debuginfo-4.96-3.oe2203sp4.x86_64.rpm",
+									"name":"exim-debuginfo-4.96-3.oe2203sp4.x86_64.rpm"
+								},
+								"name":"exim-debuginfo-4.96-3.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"exim-mon-4.96-3.oe2203sp4.x86_64.rpm",
+									"name":"exim-mon-4.96-3.oe2203sp4.x86_64.rpm"
+								},
+								"name":"exim-mon-4.96-3.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"exim-greylist-4.96-3.oe2203sp4.x86_64.rpm",
+									"name":"exim-greylist-4.96-3.oe2203sp4.x86_64.rpm"
+								},
+								"name":"exim-greylist-4.96-3.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"exim-debugsource-4.96-3.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:exim-debugsource-4.96-3.oe2203sp4.aarch64",
+					"name":"exim-debugsource-4.96-3.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"exim-4.96-3.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:exim-4.96-3.oe2203sp4.aarch64",
+					"name":"exim-4.96-3.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"exim-clamav-4.96-3.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:exim-clamav-4.96-3.oe2203sp4.aarch64",
+					"name":"exim-clamav-4.96-3.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"exim-pgsql-4.96-3.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:exim-pgsql-4.96-3.oe2203sp4.aarch64",
+					"name":"exim-pgsql-4.96-3.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"exim-mon-4.96-3.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:exim-mon-4.96-3.oe2203sp4.aarch64",
+					"name":"exim-mon-4.96-3.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"exim-debuginfo-4.96-3.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:exim-debuginfo-4.96-3.oe2203sp4.aarch64",
+					"name":"exim-debuginfo-4.96-3.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"exim-mysql-4.96-3.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:exim-mysql-4.96-3.oe2203sp4.aarch64",
+					"name":"exim-mysql-4.96-3.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"exim-greylist-4.96-3.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:exim-greylist-4.96-3.oe2203sp4.aarch64",
+					"name":"exim-greylist-4.96-3.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"exim-4.96-3.oe2203sp4.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:exim-4.96-3.oe2203sp4.src",
+					"name":"exim-4.96-3.oe2203sp4.src as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"exim-debugsource-4.96-3.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:exim-debugsource-4.96-3.oe2203sp4.x86_64",
+					"name":"exim-debugsource-4.96-3.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"exim-mysql-4.96-3.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:exim-mysql-4.96-3.oe2203sp4.x86_64",
+					"name":"exim-mysql-4.96-3.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"exim-clamav-4.96-3.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:exim-clamav-4.96-3.oe2203sp4.x86_64",
+					"name":"exim-clamav-4.96-3.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"exim-4.96-3.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:exim-4.96-3.oe2203sp4.x86_64",
+					"name":"exim-4.96-3.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"exim-pgsql-4.96-3.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:exim-pgsql-4.96-3.oe2203sp4.x86_64",
+					"name":"exim-pgsql-4.96-3.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"exim-debuginfo-4.96-3.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:exim-debuginfo-4.96-3.oe2203sp4.x86_64",
+					"name":"exim-debuginfo-4.96-3.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"exim-mon-4.96-3.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:exim-mon-4.96-3.oe2203sp4.x86_64",
+					"name":"exim-mon-4.96-3.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"exim-greylist-4.96-3.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:exim-greylist-4.96-3.oe2203sp4.x86_64",
+					"name":"exim-greylist-4.96-3.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2022-3559",
+			"notes":[
+				{
+					"text":"A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to apply a patch to fix this issue. The identifier VDB-211073 was assigned to this vulnerability.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP4:exim-debugsource-4.96-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:exim-4.96-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:exim-clamav-4.96-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:exim-pgsql-4.96-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:exim-mon-4.96-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:exim-debuginfo-4.96-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:exim-mysql-4.96-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:exim-greylist-4.96-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:exim-4.96-3.oe2203sp4.src",
+					"openEuler-22.03-LTS-SP4:exim-debugsource-4.96-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:exim-mysql-4.96-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:exim-clamav-4.96-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:exim-4.96-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:exim-pgsql-4.96-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:exim-debuginfo-4.96-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:exim-mon-4.96-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:exim-greylist-4.96-3.oe2203sp4.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP4:exim-debugsource-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-clamav-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-pgsql-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-mon-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-debuginfo-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-mysql-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-greylist-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-4.96-3.oe2203sp4.src",
+						"openEuler-22.03-LTS-SP4:exim-debugsource-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-mysql-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-clamav-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-pgsql-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-debuginfo-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-mon-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-greylist-4.96-3.oe2203sp4.x86_64"
+					],
+					"details":"exim security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1927"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"HIGH",
+						"baseScore":7.5,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP4:exim-debugsource-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-clamav-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-pgsql-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-mon-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-debuginfo-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-mysql-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-greylist-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-4.96-3.oe2203sp4.src",
+						"openEuler-22.03-LTS-SP4:exim-debugsource-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-mysql-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-clamav-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-pgsql-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-debuginfo-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-mon-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-greylist-4.96-3.oe2203sp4.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"High",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2022-3559"
+		},
+		{
+			"cve":"CVE-2023-51766",
+			"notes":[
+				{
+					"text":"Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP4:exim-debugsource-4.96-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:exim-4.96-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:exim-clamav-4.96-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:exim-pgsql-4.96-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:exim-mon-4.96-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:exim-debuginfo-4.96-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:exim-mysql-4.96-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:exim-greylist-4.96-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:exim-4.96-3.oe2203sp4.src",
+					"openEuler-22.03-LTS-SP4:exim-debugsource-4.96-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:exim-mysql-4.96-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:exim-clamav-4.96-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:exim-4.96-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:exim-pgsql-4.96-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:exim-debuginfo-4.96-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:exim-mon-4.96-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:exim-greylist-4.96-3.oe2203sp4.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP4:exim-debugsource-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-clamav-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-pgsql-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-mon-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-debuginfo-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-mysql-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-greylist-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-4.96-3.oe2203sp4.src",
+						"openEuler-22.03-LTS-SP4:exim-debugsource-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-mysql-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-clamav-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-pgsql-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-debuginfo-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-mon-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-greylist-4.96-3.oe2203sp4.x86_64"
+					],
+					"details":"exim security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1927"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":5.3,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP4:exim-debugsource-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-clamav-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-pgsql-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-mon-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-debuginfo-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-mysql-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-greylist-4.96-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:exim-4.96-3.oe2203sp4.src",
+						"openEuler-22.03-LTS-SP4:exim-debugsource-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-mysql-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-clamav-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-pgsql-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-debuginfo-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-mon-4.96-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:exim-greylist-4.96-3.oe2203sp4.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2023-51766"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1928.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1928.json
@ -0,0 +1,586 @@
+{
+	"document": {
+	  "aggregate_severity": {
+		"namespace": "https://nvd.nist.gov/vuln-metrics/cvss",
+		"text": "Medium"
+	  },
+	  "category": "csaf_vex",
+	  "csaf_version": "2.0",
+	  "distribution": {
+		"tlp": {
+		  "label": "WHITE",
+		  "url": "https:/www.first.org/tlp/"
+		}
+	  },
+	  "lang": "en",
+	  "notes": [
+		{
+		  "text": "exim security update",
+		  "category": "general",
+		  "title": "Synopsis"
+		},
+		{
+		  "text": "An update for exim is now available for openEuler-24.03-LTS.",
+		  "category": "general",
+		  "title": "Summary"
+		},
+		{
+		  "text": "Exim is a message transfer agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal of flexibility in the way mail can be routed, and there are extensive facilities for checking incoming mail. Exim can be installed in place of sendmail, although the configuration of exim is quite different to that of sendmail.\n\nSecurity Fix(es):\n\nExim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not.(CVE-2023-51766)",
+		  "category": "general",
+		  "title": "Description"
+		},
+		{
+		  "text": "An update for exim is now available for openEuler-24.03-LTS.\n\nopenEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+		  "category": "general",
+		  "title": "Topic"
+		},
+		{
+		  "text": "Medium",
+		  "category": "general",
+		  "title": "Severity"
+		},
+		{
+		  "text": "exim",
+		  "category": "general",
+		  "title": "Affected Component"
+		}
+	  ],
+	  "publisher": {
+		"issuing_authority": "openEuler security committee",
+		"name": "openEuler",
+		"namespace": "https://www.openeuler.org",
+		"contact_details": "openeuler-security@openeuler.org",
+		"category": "vendor"
+	  },
+	  "references": [
+		{
+		  "summary": "openEuler-SA-2024-1928",
+		  "category": "self",
+		  "url": "https://www.openeuler.org/en/security/security-bulletins/detail?id=openEuler-SA-2024-1928"
+		},
+		{
+		  "summary": "CVE-2023-51766",
+		  "category": "self",
+		  "url": "https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-51766&packageName=exim"
+		},
+		{
+		  "summary": "nvd cve",
+		  "category": "external",
+		  "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51766"
+		},
+		{
+		  "summary": "openEuler-SA-2024-1928 vex file",
+		  "category": "self",
+		  "url": "https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1928.json"
+		}
+	  ],
+	  "title": "An update for exim is now available for openEuler-24.03-LTS",
+	  "tracking": {
+		"initial_release_date": "2024-08-02T19:42:03+08:00",
+		"revision_history": [
+		  {
+			"date": "2024-08-02T19:42:03+08:00",
+			"summary": "Initial",
+			"number": "1.0.0"
+		  },
+		  {
+			"date": "2024-08-05T11:31:03+08:00",
+			"summary": "final",
+			"number": "2.0.0"
+		  }
+		],
+		"generator": {
+		  "date": "2024-08-05T11:31:03+08:00",
+		  "engine": {
+			"name": "openEuler CSAF Tool V1.0"
+		  }
+		},
+		"current_release_date": "2024-08-05T11:31:03+08:00",
+		"id": "openEuler-SA-2024-1928",
+		"version": "2.0.0",
+		"status": "final"
+	  }
+	},
+	"product_tree": {
+	  "branches": [
+		{
+		  "name": "openEuler",
+		  "category": "vendor",
+		  "branches": [
+			{
+			  "name": "openEuler",
+			  "branches": [
+				{
+				  "product": {
+					"product_identification_helper": {
+					  "cpe": "cpe:/a:openEuler:openEuler:24.03-LTS"
+					},
+					"product_id": "openEuler-24.03-LTS",
+					"name": "openEuler-24.03-LTS"
+				  },
+				  "name": "openEuler-24.03-LTS",
+				  "category": "product_version"
+				}
+			  ],
+			  "category": "product_name"
+			},
+			{
+			  "name": "aarch64",
+			  "branches": [
+				{
+				  "product": {
+					"product_identification_helper": {
+					  "cpe": "cpe:/a:openEuler:openEuler:24.03-LTS"
+					},
+					"product_id": "exim-4.97.1-2.oe2403.aarch64.rpm",
+					"name": "exim-4.97.1-2.oe2403.aarch64.rpm"
+				  },
+				  "name": "exim-4.97.1-2.oe2403.aarch64.rpm",
+				  "category": "product_version"
+				},
+				{
+				  "product": {
+					"product_identification_helper": {
+					  "cpe": "cpe:/a:openEuler:openEuler:24.03-LTS"
+					},
+					"product_id": "exim-debugsource-4.97.1-2.oe2403.aarch64.rpm",
+					"name": "exim-debugsource-4.97.1-2.oe2403.aarch64.rpm"
+				  },
+				  "name": "exim-debugsource-4.97.1-2.oe2403.aarch64.rpm",
+				  "category": "product_version"
+				},
+				{
+				  "product": {
+					"product_identification_helper": {
+					  "cpe": "cpe:/a:openEuler:openEuler:24.03-LTS"
+					},
+					"product_id": "exim-greylist-4.97.1-2.oe2403.aarch64.rpm",
+					"name": "exim-greylist-4.97.1-2.oe2403.aarch64.rpm"
+				  },
+				  "name": "exim-greylist-4.97.1-2.oe2403.aarch64.rpm",
+				  "category": "product_version"
+				},
+				{
+				  "product": {
+					"product_identification_helper": {
+					  "cpe": "cpe:/a:openEuler:openEuler:24.03-LTS"
+					},
+					"product_id": "exim-debuginfo-4.97.1-2.oe2403.aarch64.rpm",
+					"name": "exim-debuginfo-4.97.1-2.oe2403.aarch64.rpm"
+				  },
+				  "name": "exim-debuginfo-4.97.1-2.oe2403.aarch64.rpm",
+				  "category": "product_version"
+				},
+				{
+				  "product": {
+					"product_identification_helper": {
+					  "cpe": "cpe:/a:openEuler:openEuler:24.03-LTS"
+					},
+					"product_id": "exim-mysql-4.97.1-2.oe2403.aarch64.rpm",
+					"name": "exim-mysql-4.97.1-2.oe2403.aarch64.rpm"
+				  },
+				  "name": "exim-mysql-4.97.1-2.oe2403.aarch64.rpm",
+				  "category": "product_version"
+				},
+				{
+				  "product": {
+					"product_identification_helper": {
+					  "cpe": "cpe:/a:openEuler:openEuler:24.03-LTS"
+					},
+					"product_id": "exim-mon-4.97.1-2.oe2403.aarch64.rpm",
+					"name": "exim-mon-4.97.1-2.oe2403.aarch64.rpm"
+				  },
+				  "name": "exim-mon-4.97.1-2.oe2403.aarch64.rpm",
+				  "category": "product_version"
+				},
+				{
+				  "product": {
+					"product_identification_helper": {
+					  "cpe": "cpe:/a:openEuler:openEuler:24.03-LTS"
+					},
+					"product_id": "exim-pgsql-4.97.1-2.oe2403.aarch64.rpm",
+					"name": "exim-pgsql-4.97.1-2.oe2403.aarch64.rpm"
+				  },
+				  "name": "exim-pgsql-4.97.1-2.oe2403.aarch64.rpm",
+				  "category": "product_version"
+				},
+				{
+				  "product": {
+					"product_identification_helper": {
+					  "cpe": "cpe:/a:openEuler:openEuler:24.03-LTS"
+					},
+					"product_id": "exim-clamav-4.97.1-2.oe2403.aarch64.rpm",
+					"name": "exim-clamav-4.97.1-2.oe2403.aarch64.rpm"
+				  },
+				  "name": "exim-clamav-4.97.1-2.oe2403.aarch64.rpm",
+				  "category": "product_version"
+				}
+			  ],
+			  "category": "product_name"
+			},
+			{
+			  "name": "src",
+			  "branches": [
+				{
+				  "product": {
+					"product_identification_helper": {
+					  "cpe": "cpe:/a:openEuler:openEuler:24.03-LTS"
+					},
+					"product_id": "exim-4.97.1-2.oe2403.src.rpm",
+					"name": "exim-4.97.1-2.oe2403.src.rpm"
+				  },
+				  "name": "exim-4.97.1-2.oe2403.src.rpm",
+				  "category": "product_version"
+				}
+			  ],
+			  "category": "product_name"
+			},
+			{
+			  "name": "x86_64",
+			  "branches": [
+				{
+				  "product": {
+					"product_identification_helper": {
+					  "cpe": "cpe:/a:openEuler:openEuler:24.03-LTS"
+					},
+					"product_id": "exim-greylist-4.97.1-2.oe2403.x86_64.rpm",
+					"name": "exim-greylist-4.97.1-2.oe2403.x86_64.rpm"
+				  },
+				  "name": "exim-greylist-4.97.1-2.oe2403.x86_64.rpm",
+				  "category": "product_version"
+				},
+				{
+				  "product": {
+					"product_identification_helper": {
+					  "cpe": "cpe:/a:openEuler:openEuler:24.03-LTS"
+					},
+					"product_id": "exim-clamav-4.97.1-2.oe2403.x86_64.rpm",
+					"name": "exim-clamav-4.97.1-2.oe2403.x86_64.rpm"
+				  },
+				  "name": "exim-clamav-4.97.1-2.oe2403.x86_64.rpm",
+				  "category": "product_version"
+				},
+				{
+				  "product": {
+					"product_identification_helper": {
+					  "cpe": "cpe:/a:openEuler:openEuler:24.03-LTS"
+					},
+					"product_id": "exim-pgsql-4.97.1-2.oe2403.x86_64.rpm",
+					"name": "exim-pgsql-4.97.1-2.oe2403.x86_64.rpm"
+				  },
+				  "name": "exim-pgsql-4.97.1-2.oe2403.x86_64.rpm",
+				  "category": "product_version"
+				},
+				{
+				  "product": {
+					"product_identification_helper": {
+					  "cpe": "cpe:/a:openEuler:openEuler:24.03-LTS"
+					},
+					"product_id": "exim-debuginfo-4.97.1-2.oe2403.x86_64.rpm",
+					"name": "exim-debuginfo-4.97.1-2.oe2403.x86_64.rpm"
+				  },
+				  "name": "exim-debuginfo-4.97.1-2.oe2403.x86_64.rpm",
+				  "category": "product_version"
+				},
+				{
+				  "product": {
+					"product_identification_helper": {
+					  "cpe": "cpe:/a:openEuler:openEuler:24.03-LTS"
+					},
+					"product_id": "exim-mysql-4.97.1-2.oe2403.x86_64.rpm",
+					"name": "exim-mysql-4.97.1-2.oe2403.x86_64.rpm"
+				  },
+				  "name": "exim-mysql-4.97.1-2.oe2403.x86_64.rpm",
+				  "category": "product_version"
+				},
+				{
+				  "product": {
+					"product_identification_helper": {
+					  "cpe": "cpe:/a:openEuler:openEuler:24.03-LTS"
+					},
+					"product_id": "exim-mon-4.97.1-2.oe2403.x86_64.rpm",
+					"name": "exim-mon-4.97.1-2.oe2403.x86_64.rpm"
+				  },
+				  "name": "exim-mon-4.97.1-2.oe2403.x86_64.rpm",
+				  "category": "product_version"
+				},
+				{
+				  "product": {
+					"product_identification_helper": {
+					  "cpe": "cpe:/a:openEuler:openEuler:24.03-LTS"
+					},
+					"product_id": "exim-4.97.1-2.oe2403.x86_64.rpm",
+					"name": "exim-4.97.1-2.oe2403.x86_64.rpm"
+				  },
+				  "name": "exim-4.97.1-2.oe2403.x86_64.rpm",
+				  "category": "product_version"
+				},
+				{
+				  "product": {
+					"product_identification_helper": {
+					  "cpe": "cpe:/a:openEuler:openEuler:24.03-LTS"
+					},
+					"product_id": "exim-debugsource-4.97.1-2.oe2403.x86_64.rpm",
+					"name": "exim-debugsource-4.97.1-2.oe2403.x86_64.rpm"
+				  },
+				  "name": "exim-debugsource-4.97.1-2.oe2403.x86_64.rpm",
+				  "category": "product_version"
+				}
+			  ],
+			  "category": "product_name"
+			}
+		  ]
+		}
+	  ],
+	  "relationships": [
+		{
+		  "relates_to_product_reference": "openEuler-24.03-LTS",
+		  "product_reference": "exim-4.97.1-2.oe2403.aarch64.rpm",
+		  "full_product_name": {
+			"product_id": "openEuler-24.03-LTS:exim-4.97.1-2.oe2403.aarch64",
+			"name": "exim-4.97.1-2.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+		  },
+		  "category": "default_component_of"
+		},
+		{
+		  "relates_to_product_reference": "openEuler-24.03-LTS",
+		  "product_reference": "exim-debugsource-4.97.1-2.oe2403.aarch64.rpm",
+		  "full_product_name": {
+			"product_id": "openEuler-24.03-LTS:exim-debugsource-4.97.1-2.oe2403.aarch64",
+			"name": "exim-debugsource-4.97.1-2.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+		  },
+		  "category": "default_component_of"
+		},
+		{
+		  "relates_to_product_reference": "openEuler-24.03-LTS",
+		  "product_reference": "exim-greylist-4.97.1-2.oe2403.aarch64.rpm",
+		  "full_product_name": {
+			"product_id": "openEuler-24.03-LTS:exim-greylist-4.97.1-2.oe2403.aarch64",
+			"name": "exim-greylist-4.97.1-2.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+		  },
+		  "category": "default_component_of"
+		},
+		{
+		  "relates_to_product_reference": "openEuler-24.03-LTS",
+		  "product_reference": "exim-debuginfo-4.97.1-2.oe2403.aarch64.rpm",
+		  "full_product_name": {
+			"product_id": "openEuler-24.03-LTS:exim-debuginfo-4.97.1-2.oe2403.aarch64",
+			"name": "exim-debuginfo-4.97.1-2.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+		  },
+		  "category": "default_component_of"
+		},
+		{
+		  "relates_to_product_reference": "openEuler-24.03-LTS",
+		  "product_reference": "exim-mysql-4.97.1-2.oe2403.aarch64.rpm",
+		  "full_product_name": {
+			"product_id": "openEuler-24.03-LTS:exim-mysql-4.97.1-2.oe2403.aarch64",
+			"name": "exim-mysql-4.97.1-2.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+		  },
+		  "category": "default_component_of"
+		},
+		{
+		  "relates_to_product_reference": "openEuler-24.03-LTS",
+		  "product_reference": "exim-mon-4.97.1-2.oe2403.aarch64.rpm",
+		  "full_product_name": {
+			"product_id": "openEuler-24.03-LTS:exim-mon-4.97.1-2.oe2403.aarch64",
+			"name": "exim-mon-4.97.1-2.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+		  },
+		  "category": "default_component_of"
+		},
+		{
+		  "relates_to_product_reference": "openEuler-24.03-LTS",
+		  "product_reference": "exim-pgsql-4.97.1-2.oe2403.aarch64.rpm",
+		  "full_product_name": {
+			"product_id": "openEuler-24.03-LTS:exim-pgsql-4.97.1-2.oe2403.aarch64",
+			"name": "exim-pgsql-4.97.1-2.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+		  },
+		  "category": "default_component_of"
+		},
+		{
+		  "relates_to_product_reference": "openEuler-24.03-LTS",
+		  "product_reference": "exim-clamav-4.97.1-2.oe2403.aarch64.rpm",
+		  "full_product_name": {
+			"product_id": "openEuler-24.03-LTS:exim-clamav-4.97.1-2.oe2403.aarch64",
+			"name": "exim-clamav-4.97.1-2.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+		  },
+		  "category": "default_component_of"
+		},
+		{
+		  "relates_to_product_reference": "openEuler-24.03-LTS",
+		  "product_reference": "exim-4.97.1-2.oe2403.src.rpm",
+		  "full_product_name": {
+			"product_id": "openEuler-24.03-LTS:exim-4.97.1-2.oe2403.src",
+			"name": "exim-4.97.1-2.oe2403.src as a component of openEuler-24.03-LTS"
+		  },
+		  "category": "default_component_of"
+		},
+		{
+		  "relates_to_product_reference": "openEuler-24.03-LTS",
+		  "product_reference": "exim-greylist-4.97.1-2.oe2403.x86_64.rpm",
+		  "full_product_name": {
+			"product_id": "openEuler-24.03-LTS:exim-greylist-4.97.1-2.oe2403.x86_64",
+			"name": "exim-greylist-4.97.1-2.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+		  },
+		  "category": "default_component_of"
+		},
+		{
+		  "relates_to_product_reference": "openEuler-24.03-LTS",
+		  "product_reference": "exim-clamav-4.97.1-2.oe2403.x86_64.rpm",
+		  "full_product_name": {
+			"product_id": "openEuler-24.03-LTS:exim-clamav-4.97.1-2.oe2403.x86_64",
+			"name": "exim-clamav-4.97.1-2.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+		  },
+		  "category": "default_component_of"
+		},
+		{
+		  "relates_to_product_reference": "openEuler-24.03-LTS",
+		  "product_reference": "exim-pgsql-4.97.1-2.oe2403.x86_64.rpm",
+		  "full_product_name": {
+			"product_id": "openEuler-24.03-LTS:exim-pgsql-4.97.1-2.oe2403.x86_64",
+			"name": "exim-pgsql-4.97.1-2.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+		  },
+		  "category": "default_component_of"
+		},
+		{
+		  "relates_to_product_reference": "openEuler-24.03-LTS",
+		  "product_reference": "exim-debuginfo-4.97.1-2.oe2403.x86_64.rpm",
+		  "full_product_name": {
+			"product_id": "openEuler-24.03-LTS:exim-debuginfo-4.97.1-2.oe2403.x86_64",
+			"name": "exim-debuginfo-4.97.1-2.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+		  },
+		  "category": "default_component_of"
+		},
+		{
+		  "relates_to_product_reference": "openEuler-24.03-LTS",
+		  "product_reference": "exim-mysql-4.97.1-2.oe2403.x86_64.rpm",
+		  "full_product_name": {
+			"product_id": "openEuler-24.03-LTS:exim-mysql-4.97.1-2.oe2403.x86_64",
+			"name": "exim-mysql-4.97.1-2.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+		  },
+		  "category": "default_component_of"
+		},
+		{
+		  "relates_to_product_reference": "openEuler-24.03-LTS",
+		  "product_reference": "exim-mon-4.97.1-2.oe2403.x86_64.rpm",
+		  "full_product_name": {
+			"product_id": "openEuler-24.03-LTS:exim-mon-4.97.1-2.oe2403.x86_64",
+			"name": "exim-mon-4.97.1-2.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+		  },
+		  "category": "default_component_of"
+		},
+		{
+		  "relates_to_product_reference": "openEuler-24.03-LTS",
+		  "product_reference": "exim-4.97.1-2.oe2403.x86_64.rpm",
+		  "full_product_name": {
+			"product_id": "openEuler-24.03-LTS:exim-4.97.1-2.oe2403.x86_64",
+			"name": "exim-4.97.1-2.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+		  },
+		  "category": "default_component_of"
+		},
+		{
+		  "relates_to_product_reference": "openEuler-24.03-LTS",
+		  "product_reference": "exim-debugsource-4.97.1-2.oe2403.x86_64.rpm",
+		  "full_product_name": {
+			"product_id": "openEuler-24.03-LTS:exim-debugsource-4.97.1-2.oe2403.x86_64",
+			"name": "exim-debugsource-4.97.1-2.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+		  },
+		  "category": "default_component_of"
+		}
+	  ]
+	},
+	"vulnerabilities": [
+	  {
+		"cve": "CVE-2023-51766",
+		"notes": [
+		  {
+			"text": "Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not.",
+			"category": "description",
+			"title": "Vulnerability Description"
+		  }
+		],
+		"product_status": {
+		  "fixed": [
+			"openEuler-24.03-LTS:exim-4.97.1-2.oe2403.aarch64",
+			"openEuler-24.03-LTS:exim-debugsource-4.97.1-2.oe2403.aarch64",
+			"openEuler-24.03-LTS:exim-greylist-4.97.1-2.oe2403.aarch64",
+			"openEuler-24.03-LTS:exim-debuginfo-4.97.1-2.oe2403.aarch64",
+			"openEuler-24.03-LTS:exim-mysql-4.97.1-2.oe2403.aarch64",
+			"openEuler-24.03-LTS:exim-mon-4.97.1-2.oe2403.aarch64",
+			"openEuler-24.03-LTS:exim-pgsql-4.97.1-2.oe2403.aarch64",
+			"openEuler-24.03-LTS:exim-clamav-4.97.1-2.oe2403.aarch64",
+			"openEuler-24.03-LTS:exim-4.97.1-2.oe2403.src",
+			"openEuler-24.03-LTS:exim-greylist-4.97.1-2.oe2403.x86_64",
+			"openEuler-24.03-LTS:exim-clamav-4.97.1-2.oe2403.x86_64",
+			"openEuler-24.03-LTS:exim-pgsql-4.97.1-2.oe2403.x86_64",
+			"openEuler-24.03-LTS:exim-debuginfo-4.97.1-2.oe2403.x86_64",
+			"openEuler-24.03-LTS:exim-mysql-4.97.1-2.oe2403.x86_64",
+			"openEuler-24.03-LTS:exim-mon-4.97.1-2.oe2403.x86_64",
+			"openEuler-24.03-LTS:exim-4.97.1-2.oe2403.x86_64",
+			"openEuler-24.03-LTS:exim-debugsource-4.97.1-2.oe2403.x86_64"
+		  ]
+		},
+		"remediations": [
+		  {
+			"product_ids": [
+			  "openEuler-24.03-LTS:exim-4.97.1-2.oe2403.aarch64",
+			  "openEuler-24.03-LTS:exim-debugsource-4.97.1-2.oe2403.aarch64",
+			  "openEuler-24.03-LTS:exim-greylist-4.97.1-2.oe2403.aarch64",
+			  "openEuler-24.03-LTS:exim-debuginfo-4.97.1-2.oe2403.aarch64",
+			  "openEuler-24.03-LTS:exim-mysql-4.97.1-2.oe2403.aarch64",
+			  "openEuler-24.03-LTS:exim-mon-4.97.1-2.oe2403.aarch64",
+			  "openEuler-24.03-LTS:exim-pgsql-4.97.1-2.oe2403.aarch64",
+			  "openEuler-24.03-LTS:exim-clamav-4.97.1-2.oe2403.aarch64",
+			  "openEuler-24.03-LTS:exim-4.97.1-2.oe2403.src",
+			  "openEuler-24.03-LTS:exim-greylist-4.97.1-2.oe2403.x86_64",
+			  "openEuler-24.03-LTS:exim-clamav-4.97.1-2.oe2403.x86_64",
+			  "openEuler-24.03-LTS:exim-pgsql-4.97.1-2.oe2403.x86_64",
+			  "openEuler-24.03-LTS:exim-debuginfo-4.97.1-2.oe2403.x86_64",
+			  "openEuler-24.03-LTS:exim-mysql-4.97.1-2.oe2403.x86_64",
+			  "openEuler-24.03-LTS:exim-mon-4.97.1-2.oe2403.x86_64",
+			  "openEuler-24.03-LTS:exim-4.97.1-2.oe2403.x86_64",
+			  "openEuler-24.03-LTS:exim-debugsource-4.97.1-2.oe2403.x86_64"
+			],
+			"details": "exim security update",
+			"category": "vendor_fix",
+			"url": "https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1928"
+		  }
+		],
+		"scores": [
+		  {
+			"cvss_v3": {
+			  "baseSeverity": "MEDIUM",
+			  "baseScore": 5.3,
+			  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
+			  "version": "3.1"
+			},
+			"products": [
+			  "openEuler-24.03-LTS:exim-4.97.1-2.oe2403.aarch64",
+			  "openEuler-24.03-LTS:exim-debugsource-4.97.1-2.oe2403.aarch64",
+			  "openEuler-24.03-LTS:exim-greylist-4.97.1-2.oe2403.aarch64",
+			  "openEuler-24.03-LTS:exim-debuginfo-4.97.1-2.oe2403.aarch64",
+			  "openEuler-24.03-LTS:exim-mysql-4.97.1-2.oe2403.aarch64",
+			  "openEuler-24.03-LTS:exim-mon-4.97.1-2.oe2403.aarch64",
+			  "openEuler-24.03-LTS:exim-pgsql-4.97.1-2.oe2403.aarch64",
+			  "openEuler-24.03-LTS:exim-clamav-4.97.1-2.oe2403.aarch64",
+			  "openEuler-24.03-LTS:exim-4.97.1-2.oe2403.src",
+			  "openEuler-24.03-LTS:exim-greylist-4.97.1-2.oe2403.x86_64",
+			  "openEuler-24.03-LTS:exim-clamav-4.97.1-2.oe2403.x86_64",
+			  "openEuler-24.03-LTS:exim-pgsql-4.97.1-2.oe2403.x86_64",
+			  "openEuler-24.03-LTS:exim-debuginfo-4.97.1-2.oe2403.x86_64",
+			  "openEuler-24.03-LTS:exim-mysql-4.97.1-2.oe2403.x86_64",
+			  "openEuler-24.03-LTS:exim-mon-4.97.1-2.oe2403.x86_64",
+			  "openEuler-24.03-LTS:exim-4.97.1-2.oe2403.x86_64",
+			  "openEuler-24.03-LTS:exim-debugsource-4.97.1-2.oe2403.x86_64"
+			]
+		  }
+		],
+		"threats": [
+		  {
+			"details": "Medium",
+			"category": "impact"
+		  }
+		],
+		"title": "CVE-2023-51766"
+	  }
+	]
+  }
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1929.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1929.json
@ -0,0 +1,448 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"High"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"mpv security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for mpv is now available for openEuler-22.03-LTS-SP3.",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"Mpv is a movie player based on MPlayer and mplayer2. It supports a wide variety of video file formats, audio and video codecs, and subtitle types. Special input URL types are available to read input from a variety of sources other than disk files. Depending on platform, a variety of different video and audio output methods are supported.\n\nSecurity Fix(es):\n\nA format string vulnerability in mpv through 0.33.0 allows user-assisted remote attackers to achieve code execution via a crafted m3u playlist file.(CVE-2021-30145)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for mpv is now available for openEuler-22.03-LTS-SP3.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"High",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"mpv",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1929",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/security-bulletins/detail?id=openEuler-SA-2024-1929"
+			},
+			{
+				"summary":"CVE-2021-30145",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2021-30145&packageName=mpv"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-30145"
+			},
+			{
+				"summary":"openEuler-SA-2024-1929 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1929.json"
+			}
+		],
+		"title":"An update for mpv is now available for openEuler-22.03-LTS-SP3",
+		"tracking":{
+			"initial_release_date":"2024-08-02T19:42:04+08:00",
+			"revision_history":[
+				{
+					"date":"2024-08-02T19:42:04+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				},
+        {
+					"date":"2024-08-05T11:31:04+08:00",
+					"summary":"final",
+					"number":"2.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-08-05T11:31:04+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-08-05T11:31:04+08:00",
+			"id":"openEuler-SA-2024-1929",
+			"version":"2.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"openEuler-22.03-LTS-SP3",
+									"name":"openEuler-22.03-LTS-SP3"
+								},
+								"name":"openEuler-22.03-LTS-SP3",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mpv-libs-devel-0.32.0-3.oe2203sp3.aarch64.rpm",
+									"name":"mpv-libs-devel-0.32.0-3.oe2203sp3.aarch64.rpm"
+								},
+								"name":"mpv-libs-devel-0.32.0-3.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mpv-debugsource-0.32.0-3.oe2203sp3.aarch64.rpm",
+									"name":"mpv-debugsource-0.32.0-3.oe2203sp3.aarch64.rpm"
+								},
+								"name":"mpv-debugsource-0.32.0-3.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mpv-libs-0.32.0-3.oe2203sp3.aarch64.rpm",
+									"name":"mpv-libs-0.32.0-3.oe2203sp3.aarch64.rpm"
+								},
+								"name":"mpv-libs-0.32.0-3.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mpv-debuginfo-0.32.0-3.oe2203sp3.aarch64.rpm",
+									"name":"mpv-debuginfo-0.32.0-3.oe2203sp3.aarch64.rpm"
+								},
+								"name":"mpv-debuginfo-0.32.0-3.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mpv-0.32.0-3.oe2203sp3.aarch64.rpm",
+									"name":"mpv-0.32.0-3.oe2203sp3.aarch64.rpm"
+								},
+								"name":"mpv-0.32.0-3.oe2203sp3.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mpv-0.32.0-3.oe2203sp3.src.rpm",
+									"name":"mpv-0.32.0-3.oe2203sp3.src.rpm"
+								},
+								"name":"mpv-0.32.0-3.oe2203sp3.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mpv-debuginfo-0.32.0-3.oe2203sp3.x86_64.rpm",
+									"name":"mpv-debuginfo-0.32.0-3.oe2203sp3.x86_64.rpm"
+								},
+								"name":"mpv-debuginfo-0.32.0-3.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mpv-libs-devel-0.32.0-3.oe2203sp3.x86_64.rpm",
+									"name":"mpv-libs-devel-0.32.0-3.oe2203sp3.x86_64.rpm"
+								},
+								"name":"mpv-libs-devel-0.32.0-3.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mpv-debugsource-0.32.0-3.oe2203sp3.x86_64.rpm",
+									"name":"mpv-debugsource-0.32.0-3.oe2203sp3.x86_64.rpm"
+								},
+								"name":"mpv-debugsource-0.32.0-3.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mpv-libs-0.32.0-3.oe2203sp3.x86_64.rpm",
+									"name":"mpv-libs-0.32.0-3.oe2203sp3.x86_64.rpm"
+								},
+								"name":"mpv-libs-0.32.0-3.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"mpv-0.32.0-3.oe2203sp3.x86_64.rpm",
+									"name":"mpv-0.32.0-3.oe2203sp3.x86_64.rpm"
+								},
+								"name":"mpv-0.32.0-3.oe2203sp3.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mpv-libs-devel-0.32.0-3.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mpv-libs-devel-0.32.0-3.oe2203sp3.aarch64",
+					"name":"mpv-libs-devel-0.32.0-3.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mpv-debugsource-0.32.0-3.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mpv-debugsource-0.32.0-3.oe2203sp3.aarch64",
+					"name":"mpv-debugsource-0.32.0-3.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mpv-libs-0.32.0-3.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mpv-libs-0.32.0-3.oe2203sp3.aarch64",
+					"name":"mpv-libs-0.32.0-3.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mpv-debuginfo-0.32.0-3.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mpv-debuginfo-0.32.0-3.oe2203sp3.aarch64",
+					"name":"mpv-debuginfo-0.32.0-3.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mpv-0.32.0-3.oe2203sp3.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mpv-0.32.0-3.oe2203sp3.aarch64",
+					"name":"mpv-0.32.0-3.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mpv-0.32.0-3.oe2203sp3.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mpv-0.32.0-3.oe2203sp3.src",
+					"name":"mpv-0.32.0-3.oe2203sp3.src as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mpv-debuginfo-0.32.0-3.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mpv-debuginfo-0.32.0-3.oe2203sp3.x86_64",
+					"name":"mpv-debuginfo-0.32.0-3.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mpv-libs-devel-0.32.0-3.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mpv-libs-devel-0.32.0-3.oe2203sp3.x86_64",
+					"name":"mpv-libs-devel-0.32.0-3.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mpv-debugsource-0.32.0-3.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mpv-debugsource-0.32.0-3.oe2203sp3.x86_64",
+					"name":"mpv-debugsource-0.32.0-3.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mpv-libs-0.32.0-3.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mpv-libs-0.32.0-3.oe2203sp3.x86_64",
+					"name":"mpv-libs-0.32.0-3.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"mpv-0.32.0-3.oe2203sp3.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:mpv-0.32.0-3.oe2203sp3.x86_64",
+					"name":"mpv-0.32.0-3.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2021-30145",
+			"notes":[
+				{
+					"text":"A format string vulnerability in mpv through 0.33.0 allows user-assisted remote attackers to achieve code execution via a crafted m3u playlist file.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP3:mpv-libs-devel-0.32.0-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mpv-debugsource-0.32.0-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mpv-libs-0.32.0-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mpv-debuginfo-0.32.0-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mpv-0.32.0-3.oe2203sp3.aarch64",
+					"openEuler-22.03-LTS-SP3:mpv-0.32.0-3.oe2203sp3.src",
+					"openEuler-22.03-LTS-SP3:mpv-debuginfo-0.32.0-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mpv-libs-devel-0.32.0-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mpv-debugsource-0.32.0-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mpv-libs-0.32.0-3.oe2203sp3.x86_64",
+					"openEuler-22.03-LTS-SP3:mpv-0.32.0-3.oe2203sp3.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP3:mpv-libs-devel-0.32.0-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mpv-debugsource-0.32.0-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mpv-libs-0.32.0-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mpv-debuginfo-0.32.0-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mpv-0.32.0-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mpv-0.32.0-3.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:mpv-debuginfo-0.32.0-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mpv-libs-devel-0.32.0-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mpv-debugsource-0.32.0-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mpv-libs-0.32.0-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mpv-0.32.0-3.oe2203sp3.x86_64"
+					],
+					"details":"mpv security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1929"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"HIGH",
+						"baseScore":7.8,
+						"vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP3:mpv-libs-devel-0.32.0-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mpv-debugsource-0.32.0-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mpv-libs-0.32.0-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mpv-debuginfo-0.32.0-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mpv-0.32.0-3.oe2203sp3.aarch64",
+						"openEuler-22.03-LTS-SP3:mpv-0.32.0-3.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP3:mpv-debuginfo-0.32.0-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mpv-libs-devel-0.32.0-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mpv-debugsource-0.32.0-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mpv-libs-0.32.0-3.oe2203sp3.x86_64",
+						"openEuler-22.03-LTS-SP3:mpv-0.32.0-3.oe2203sp3.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"High",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2021-30145"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1930.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1930.json
@ -0,0 +1,448 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"High"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"mpv security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for mpv is now available for openEuler-22.03-LTS-SP4.",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"Mpv is a movie player based on MPlayer and mplayer2. It supports a wide variety of video file formats, audio and video codecs, and subtitle types. Special input URL types are available to read input from a variety of sources other than disk files. Depending on platform, a variety of different video and audio output methods are supported.\n\nSecurity Fix(es):\n\nA format string vulnerability in mpv through 0.33.0 allows user-assisted remote attackers to achieve code execution via a crafted m3u playlist file.(CVE-2021-30145)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for mpv is now available for openEuler-22.03-LTS-SP4.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"High",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"mpv",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1930",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/security-bulletins/detail?id=openEuler-SA-2024-1930"
+			},
+			{
+				"summary":"CVE-2021-30145",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2021-30145&packageName=mpv"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-30145"
+			},
+			{
+				"summary":"openEuler-SA-2024-1930 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1930.json"
+			}
+		],
+		"title":"An update for mpv is now available for openEuler-22.03-LTS-SP4",
+		"tracking":{
+			"initial_release_date":"2024-08-02T19:42:05+08:00",
+			"revision_history":[
+				{
+					"date":"2024-08-02T19:42:05+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				},
+        {
+					"date":"2024-08-05T11:31:05+08:00",
+					"summary":"final",
+					"number":"2.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-08-05T11:31:05+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-08-05T11:31:05+08:00",
+			"id":"openEuler-SA-2024-1930",
+			"version":"2.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"openEuler-22.03-LTS-SP4",
+									"name":"openEuler-22.03-LTS-SP4"
+								},
+								"name":"openEuler-22.03-LTS-SP4",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mpv-debuginfo-0.32.0-3.oe2203sp4.aarch64.rpm",
+									"name":"mpv-debuginfo-0.32.0-3.oe2203sp4.aarch64.rpm"
+								},
+								"name":"mpv-debuginfo-0.32.0-3.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mpv-0.32.0-3.oe2203sp4.aarch64.rpm",
+									"name":"mpv-0.32.0-3.oe2203sp4.aarch64.rpm"
+								},
+								"name":"mpv-0.32.0-3.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mpv-libs-devel-0.32.0-3.oe2203sp4.aarch64.rpm",
+									"name":"mpv-libs-devel-0.32.0-3.oe2203sp4.aarch64.rpm"
+								},
+								"name":"mpv-libs-devel-0.32.0-3.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mpv-libs-0.32.0-3.oe2203sp4.aarch64.rpm",
+									"name":"mpv-libs-0.32.0-3.oe2203sp4.aarch64.rpm"
+								},
+								"name":"mpv-libs-0.32.0-3.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mpv-debugsource-0.32.0-3.oe2203sp4.aarch64.rpm",
+									"name":"mpv-debugsource-0.32.0-3.oe2203sp4.aarch64.rpm"
+								},
+								"name":"mpv-debugsource-0.32.0-3.oe2203sp4.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mpv-0.32.0-3.oe2203sp4.src.rpm",
+									"name":"mpv-0.32.0-3.oe2203sp4.src.rpm"
+								},
+								"name":"mpv-0.32.0-3.oe2203sp4.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mpv-debugsource-0.32.0-3.oe2203sp4.x86_64.rpm",
+									"name":"mpv-debugsource-0.32.0-3.oe2203sp4.x86_64.rpm"
+								},
+								"name":"mpv-debugsource-0.32.0-3.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mpv-0.32.0-3.oe2203sp4.x86_64.rpm",
+									"name":"mpv-0.32.0-3.oe2203sp4.x86_64.rpm"
+								},
+								"name":"mpv-0.32.0-3.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mpv-libs-devel-0.32.0-3.oe2203sp4.x86_64.rpm",
+									"name":"mpv-libs-devel-0.32.0-3.oe2203sp4.x86_64.rpm"
+								},
+								"name":"mpv-libs-devel-0.32.0-3.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mpv-libs-0.32.0-3.oe2203sp4.x86_64.rpm",
+									"name":"mpv-libs-0.32.0-3.oe2203sp4.x86_64.rpm"
+								},
+								"name":"mpv-libs-0.32.0-3.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"mpv-debuginfo-0.32.0-3.oe2203sp4.x86_64.rpm",
+									"name":"mpv-debuginfo-0.32.0-3.oe2203sp4.x86_64.rpm"
+								},
+								"name":"mpv-debuginfo-0.32.0-3.oe2203sp4.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mpv-debuginfo-0.32.0-3.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mpv-debuginfo-0.32.0-3.oe2203sp4.aarch64",
+					"name":"mpv-debuginfo-0.32.0-3.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mpv-0.32.0-3.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mpv-0.32.0-3.oe2203sp4.aarch64",
+					"name":"mpv-0.32.0-3.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mpv-libs-devel-0.32.0-3.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mpv-libs-devel-0.32.0-3.oe2203sp4.aarch64",
+					"name":"mpv-libs-devel-0.32.0-3.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mpv-libs-0.32.0-3.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mpv-libs-0.32.0-3.oe2203sp4.aarch64",
+					"name":"mpv-libs-0.32.0-3.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mpv-debugsource-0.32.0-3.oe2203sp4.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mpv-debugsource-0.32.0-3.oe2203sp4.aarch64",
+					"name":"mpv-debugsource-0.32.0-3.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mpv-0.32.0-3.oe2203sp4.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mpv-0.32.0-3.oe2203sp4.src",
+					"name":"mpv-0.32.0-3.oe2203sp4.src as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mpv-debugsource-0.32.0-3.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mpv-debugsource-0.32.0-3.oe2203sp4.x86_64",
+					"name":"mpv-debugsource-0.32.0-3.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mpv-0.32.0-3.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mpv-0.32.0-3.oe2203sp4.x86_64",
+					"name":"mpv-0.32.0-3.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mpv-libs-devel-0.32.0-3.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mpv-libs-devel-0.32.0-3.oe2203sp4.x86_64",
+					"name":"mpv-libs-devel-0.32.0-3.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mpv-libs-0.32.0-3.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mpv-libs-0.32.0-3.oe2203sp4.x86_64",
+					"name":"mpv-libs-0.32.0-3.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"mpv-debuginfo-0.32.0-3.oe2203sp4.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:mpv-debuginfo-0.32.0-3.oe2203sp4.x86_64",
+					"name":"mpv-debuginfo-0.32.0-3.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2021-30145",
+			"notes":[
+				{
+					"text":"A format string vulnerability in mpv through 0.33.0 allows user-assisted remote attackers to achieve code execution via a crafted m3u playlist file.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP4:mpv-debuginfo-0.32.0-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:mpv-0.32.0-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:mpv-libs-devel-0.32.0-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:mpv-libs-0.32.0-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:mpv-debugsource-0.32.0-3.oe2203sp4.aarch64",
+					"openEuler-22.03-LTS-SP4:mpv-0.32.0-3.oe2203sp4.src",
+					"openEuler-22.03-LTS-SP4:mpv-debugsource-0.32.0-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:mpv-0.32.0-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:mpv-libs-devel-0.32.0-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:mpv-libs-0.32.0-3.oe2203sp4.x86_64",
+					"openEuler-22.03-LTS-SP4:mpv-debuginfo-0.32.0-3.oe2203sp4.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP4:mpv-debuginfo-0.32.0-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mpv-0.32.0-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mpv-libs-devel-0.32.0-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mpv-libs-0.32.0-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mpv-debugsource-0.32.0-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mpv-0.32.0-3.oe2203sp4.src",
+						"openEuler-22.03-LTS-SP4:mpv-debugsource-0.32.0-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mpv-0.32.0-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mpv-libs-devel-0.32.0-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mpv-libs-0.32.0-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mpv-debuginfo-0.32.0-3.oe2203sp4.x86_64"
+					],
+					"details":"mpv security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1930"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"HIGH",
+						"baseScore":7.8,
+						"vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP4:mpv-debuginfo-0.32.0-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mpv-0.32.0-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mpv-libs-devel-0.32.0-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mpv-libs-0.32.0-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mpv-debugsource-0.32.0-3.oe2203sp4.aarch64",
+						"openEuler-22.03-LTS-SP4:mpv-0.32.0-3.oe2203sp4.src",
+						"openEuler-22.03-LTS-SP4:mpv-debugsource-0.32.0-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mpv-0.32.0-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mpv-libs-devel-0.32.0-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mpv-libs-0.32.0-3.oe2203sp4.x86_64",
+						"openEuler-22.03-LTS-SP4:mpv-debuginfo-0.32.0-3.oe2203sp4.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"High",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2021-30145"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1931.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1931.json
@ -0,0 +1,716 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"High"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"python-setuptools security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for python-setuptools is now available for openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP1,openEuler-22.03-LTS-SP3,openEuler-22.03-LTS-SP4 and openEuler-24.03-LTS.",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"Setuptools is a collection of enhancements to the Python distutils that allow you to more easily build and distribute Python packages, especially ones that have dependencies on other packages.\n\nSecurity Fix(es):\n\nA vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0.(CVE-2024-6345)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for python-setuptools is now available for openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP1,openEuler-22.03-LTS-SP3,openEuler-22.03-LTS-SP4 and openEuler-24.03-LTS.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"High",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"python-setuptools",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1931",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/security-bulletins/detail?id=openEuler-SA-2024-1931"
+			},
+			{
+				"summary":"CVE-2024-6345",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-6345&packageName=python-setuptools"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-6345"
+			},
+			{
+				"summary":"openEuler-SA-2024-1931 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1931.json"
+			}
+		],
+		"title":"An update for python-setuptools is now available for openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP1,openEuler-22.03-LTS-SP3,openEuler-22.03-LTS-SP4 and openEuler-24.03-LTS",
+		"tracking":{
+			"initial_release_date":"2024-08-02T19:42:06+08:00",
+			"revision_history":[
+				{
+					"date":"2024-08-02T19:42:06+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				},
+        {
+					"date":"2024-08-05T11:31:06+08:00",
+					"summary":"final",
+					"number":"2.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-08-05T11:31:06+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-08-05T11:31:06+08:00",
+			"id":"openEuler-SA-2024-1931",
+			"version":"2.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"openEuler-20.03-LTS-SP4",
+									"name":"openEuler-20.03-LTS-SP4"
+								},
+								"name":"openEuler-20.03-LTS-SP4",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"openEuler-22.03-LTS-SP1",
+									"name":"openEuler-22.03-LTS-SP1"
+								},
+								"name":"openEuler-22.03-LTS-SP1",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"openEuler-22.03-LTS-SP3",
+									"name":"openEuler-22.03-LTS-SP3"
+								},
+								"name":"openEuler-22.03-LTS-SP3",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"openEuler-22.03-LTS-SP4",
+									"name":"openEuler-22.03-LTS-SP4"
+								},
+								"name":"openEuler-22.03-LTS-SP4",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"openEuler-24.03-LTS",
+									"name":"openEuler-24.03-LTS"
+								},
+								"name":"openEuler-24.03-LTS",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"noarch",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"python-setuptools-44.1.1-3.oe2003sp4.noarch.rpm",
+									"name":"python-setuptools-44.1.1-3.oe2003sp4.noarch.rpm"
+								},
+								"name":"python-setuptools-44.1.1-3.oe2003sp4.noarch.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"python3-setuptools-44.1.1-3.oe2003sp4.noarch.rpm",
+									"name":"python3-setuptools-44.1.1-3.oe2003sp4.noarch.rpm"
+								},
+								"name":"python3-setuptools-44.1.1-3.oe2003sp4.noarch.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"python2-setuptools-44.1.1-3.oe2003sp4.noarch.rpm",
+									"name":"python2-setuptools-44.1.1-3.oe2003sp4.noarch.rpm"
+								},
+								"name":"python2-setuptools-44.1.1-3.oe2003sp4.noarch.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"python-setuptools-help-44.1.1-3.oe2003sp4.noarch.rpm",
+									"name":"python-setuptools-help-44.1.1-3.oe2003sp4.noarch.rpm"
+								},
+								"name":"python-setuptools-help-44.1.1-3.oe2003sp4.noarch.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"python3-setuptools-59.4.0-6.oe2203sp1.noarch.rpm",
+									"name":"python3-setuptools-59.4.0-6.oe2203sp1.noarch.rpm"
+								},
+								"name":"python3-setuptools-59.4.0-6.oe2203sp1.noarch.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"python-setuptools-59.4.0-6.oe2203sp1.noarch.rpm",
+									"name":"python-setuptools-59.4.0-6.oe2203sp1.noarch.rpm"
+								},
+								"name":"python-setuptools-59.4.0-6.oe2203sp1.noarch.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"python-setuptools-help-59.4.0-6.oe2203sp1.noarch.rpm",
+									"name":"python-setuptools-help-59.4.0-6.oe2203sp1.noarch.rpm"
+								},
+								"name":"python-setuptools-help-59.4.0-6.oe2203sp1.noarch.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"python3-setuptools-59.4.0-6.oe2203sp3.noarch.rpm",
+									"name":"python3-setuptools-59.4.0-6.oe2203sp3.noarch.rpm"
+								},
+								"name":"python3-setuptools-59.4.0-6.oe2203sp3.noarch.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"python-setuptools-help-59.4.0-6.oe2203sp3.noarch.rpm",
+									"name":"python-setuptools-help-59.4.0-6.oe2203sp3.noarch.rpm"
+								},
+								"name":"python-setuptools-help-59.4.0-6.oe2203sp3.noarch.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"python-setuptools-59.4.0-6.oe2203sp3.noarch.rpm",
+									"name":"python-setuptools-59.4.0-6.oe2203sp3.noarch.rpm"
+								},
+								"name":"python-setuptools-59.4.0-6.oe2203sp3.noarch.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"python3-setuptools-59.4.0-6.oe2203sp4.noarch.rpm",
+									"name":"python3-setuptools-59.4.0-6.oe2203sp4.noarch.rpm"
+								},
+								"name":"python3-setuptools-59.4.0-6.oe2203sp4.noarch.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"python-setuptools-59.4.0-6.oe2203sp4.noarch.rpm",
+									"name":"python-setuptools-59.4.0-6.oe2203sp4.noarch.rpm"
+								},
+								"name":"python-setuptools-59.4.0-6.oe2203sp4.noarch.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"python-setuptools-help-59.4.0-6.oe2203sp4.noarch.rpm",
+									"name":"python-setuptools-help-59.4.0-6.oe2203sp4.noarch.rpm"
+								},
+								"name":"python-setuptools-help-59.4.0-6.oe2203sp4.noarch.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python3-setuptools-68.0.0-2.oe2403.noarch.rpm",
+									"name":"python3-setuptools-68.0.0-2.oe2403.noarch.rpm"
+								},
+								"name":"python3-setuptools-68.0.0-2.oe2403.noarch.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python-setuptools-68.0.0-2.oe2403.noarch.rpm",
+									"name":"python-setuptools-68.0.0-2.oe2403.noarch.rpm"
+								},
+								"name":"python-setuptools-68.0.0-2.oe2403.noarch.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python-setuptools-help-68.0.0-2.oe2403.noarch.rpm",
+									"name":"python-setuptools-help-68.0.0-2.oe2403.noarch.rpm"
+								},
+								"name":"python-setuptools-help-68.0.0-2.oe2403.noarch.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
+									},
+									"product_id":"python-setuptools-44.1.1-3.oe2003sp4.src.rpm",
+									"name":"python-setuptools-44.1.1-3.oe2003sp4.src.rpm"
+								},
+								"name":"python-setuptools-44.1.1-3.oe2003sp4.src.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"python-setuptools-59.4.0-6.oe2203sp1.src.rpm",
+									"name":"python-setuptools-59.4.0-6.oe2203sp1.src.rpm"
+								},
+								"name":"python-setuptools-59.4.0-6.oe2203sp1.src.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"python-setuptools-59.4.0-6.oe2203sp3.src.rpm",
+									"name":"python-setuptools-59.4.0-6.oe2203sp3.src.rpm"
+								},
+								"name":"python-setuptools-59.4.0-6.oe2203sp3.src.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
+									},
+									"product_id":"python-setuptools-59.4.0-6.oe2203sp4.src.rpm",
+									"name":"python-setuptools-59.4.0-6.oe2203sp4.src.rpm"
+								},
+								"name":"python-setuptools-59.4.0-6.oe2203sp4.src.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python-setuptools-68.0.0-2.oe2403.src.rpm",
+									"name":"python-setuptools-68.0.0-2.oe2403.src.rpm"
+								},
+								"name":"python-setuptools-68.0.0-2.oe2403.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"python-setuptools-44.1.1-3.oe2003sp4.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:python-setuptools-44.1.1-3.oe2003sp4.noarch",
+					"name":"python-setuptools-44.1.1-3.oe2003sp4.noarch as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"python3-setuptools-44.1.1-3.oe2003sp4.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:python3-setuptools-44.1.1-3.oe2003sp4.noarch",
+					"name":"python3-setuptools-44.1.1-3.oe2003sp4.noarch as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"python2-setuptools-44.1.1-3.oe2003sp4.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:python2-setuptools-44.1.1-3.oe2003sp4.noarch",
+					"name":"python2-setuptools-44.1.1-3.oe2003sp4.noarch as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"python-setuptools-help-44.1.1-3.oe2003sp4.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:python-setuptools-help-44.1.1-3.oe2003sp4.noarch",
+					"name":"python-setuptools-help-44.1.1-3.oe2003sp4.noarch as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"python3-setuptools-59.4.0-6.oe2203sp1.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:python3-setuptools-59.4.0-6.oe2203sp1.noarch",
+					"name":"python3-setuptools-59.4.0-6.oe2203sp1.noarch as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"python-setuptools-59.4.0-6.oe2203sp1.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:python-setuptools-59.4.0-6.oe2203sp1.noarch",
+					"name":"python-setuptools-59.4.0-6.oe2203sp1.noarch as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"python-setuptools-help-59.4.0-6.oe2203sp1.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:python-setuptools-help-59.4.0-6.oe2203sp1.noarch",
+					"name":"python-setuptools-help-59.4.0-6.oe2203sp1.noarch as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"python3-setuptools-59.4.0-6.oe2203sp3.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:python3-setuptools-59.4.0-6.oe2203sp3.noarch",
+					"name":"python3-setuptools-59.4.0-6.oe2203sp3.noarch as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"python-setuptools-help-59.4.0-6.oe2203sp3.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:python-setuptools-help-59.4.0-6.oe2203sp3.noarch",
+					"name":"python-setuptools-help-59.4.0-6.oe2203sp3.noarch as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"python-setuptools-59.4.0-6.oe2203sp3.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:python-setuptools-59.4.0-6.oe2203sp3.noarch",
+					"name":"python-setuptools-59.4.0-6.oe2203sp3.noarch as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"python3-setuptools-59.4.0-6.oe2203sp4.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:python3-setuptools-59.4.0-6.oe2203sp4.noarch",
+					"name":"python3-setuptools-59.4.0-6.oe2203sp4.noarch as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"python-setuptools-59.4.0-6.oe2203sp4.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:python-setuptools-59.4.0-6.oe2203sp4.noarch",
+					"name":"python-setuptools-59.4.0-6.oe2203sp4.noarch as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"python-setuptools-help-59.4.0-6.oe2203sp4.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:python-setuptools-help-59.4.0-6.oe2203sp4.noarch",
+					"name":"python-setuptools-help-59.4.0-6.oe2203sp4.noarch as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python3-setuptools-68.0.0-2.oe2403.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python3-setuptools-68.0.0-2.oe2403.noarch",
+					"name":"python3-setuptools-68.0.0-2.oe2403.noarch as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python-setuptools-68.0.0-2.oe2403.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python-setuptools-68.0.0-2.oe2403.noarch",
+					"name":"python-setuptools-68.0.0-2.oe2403.noarch as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python-setuptools-help-68.0.0-2.oe2403.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python-setuptools-help-68.0.0-2.oe2403.noarch",
+					"name":"python-setuptools-help-68.0.0-2.oe2403.noarch as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
+				"product_reference":"python-setuptools-44.1.1-3.oe2003sp4.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-20.03-LTS-SP4:python-setuptools-44.1.1-3.oe2003sp4.src",
+					"name":"python-setuptools-44.1.1-3.oe2003sp4.src as a component of openEuler-20.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"python-setuptools-59.4.0-6.oe2203sp1.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:python-setuptools-59.4.0-6.oe2203sp1.src",
+					"name":"python-setuptools-59.4.0-6.oe2203sp1.src as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"python-setuptools-59.4.0-6.oe2203sp3.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:python-setuptools-59.4.0-6.oe2203sp3.src",
+					"name":"python-setuptools-59.4.0-6.oe2203sp3.src as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
+				"product_reference":"python-setuptools-59.4.0-6.oe2203sp4.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP4:python-setuptools-59.4.0-6.oe2203sp4.src",
+					"name":"python-setuptools-59.4.0-6.oe2203sp4.src as a component of openEuler-22.03-LTS-SP4"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python-setuptools-68.0.0-2.oe2403.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python-setuptools-68.0.0-2.oe2403.src",
+					"name":"python-setuptools-68.0.0-2.oe2403.src as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2024-6345",
+			"notes":[
+				{
+					"text":"A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-20.03-LTS-SP4:python-setuptools-44.1.1-3.oe2003sp4.noarch",
+					"openEuler-20.03-LTS-SP4:python3-setuptools-44.1.1-3.oe2003sp4.noarch",
+					"openEuler-20.03-LTS-SP4:python2-setuptools-44.1.1-3.oe2003sp4.noarch",
+					"openEuler-20.03-LTS-SP4:python-setuptools-help-44.1.1-3.oe2003sp4.noarch",
+					"openEuler-22.03-LTS-SP1:python3-setuptools-59.4.0-6.oe2203sp1.noarch",
+					"openEuler-22.03-LTS-SP1:python-setuptools-59.4.0-6.oe2203sp1.noarch",
+					"openEuler-22.03-LTS-SP1:python-setuptools-help-59.4.0-6.oe2203sp1.noarch",
+					"openEuler-22.03-LTS-SP3:python3-setuptools-59.4.0-6.oe2203sp3.noarch",
+					"openEuler-22.03-LTS-SP3:python-setuptools-help-59.4.0-6.oe2203sp3.noarch",
+					"openEuler-22.03-LTS-SP3:python-setuptools-59.4.0-6.oe2203sp3.noarch",
+					"openEuler-22.03-LTS-SP4:python3-setuptools-59.4.0-6.oe2203sp4.noarch",
+					"openEuler-22.03-LTS-SP4:python-setuptools-59.4.0-6.oe2203sp4.noarch",
+					"openEuler-22.03-LTS-SP4:python-setuptools-help-59.4.0-6.oe2203sp4.noarch",
+					"openEuler-24.03-LTS:python3-setuptools-68.0.0-2.oe2403.noarch",
+					"openEuler-24.03-LTS:python-setuptools-68.0.0-2.oe2403.noarch",
+					"openEuler-24.03-LTS:python-setuptools-help-68.0.0-2.oe2403.noarch",
+					"openEuler-20.03-LTS-SP4:python-setuptools-44.1.1-3.oe2003sp4.src",
+					"openEuler-22.03-LTS-SP1:python-setuptools-59.4.0-6.oe2203sp1.src",
+					"openEuler-22.03-LTS-SP3:python-setuptools-59.4.0-6.oe2203sp3.src",
+					"openEuler-22.03-LTS-SP4:python-setuptools-59.4.0-6.oe2203sp4.src",
+					"openEuler-24.03-LTS:python-setuptools-68.0.0-2.oe2403.src"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-20.03-LTS-SP4:python-setuptools-44.1.1-3.oe2003sp4.noarch",
+						"openEuler-20.03-LTS-SP4:python3-setuptools-44.1.1-3.oe2003sp4.noarch",
+						"openEuler-20.03-LTS-SP4:python2-setuptools-44.1.1-3.oe2003sp4.noarch",
+						"openEuler-20.03-LTS-SP4:python-setuptools-help-44.1.1-3.oe2003sp4.noarch",
+						"openEuler-22.03-LTS-SP1:python3-setuptools-59.4.0-6.oe2203sp1.noarch",
+						"openEuler-22.03-LTS-SP1:python-setuptools-59.4.0-6.oe2203sp1.noarch",
+						"openEuler-22.03-LTS-SP1:python-setuptools-help-59.4.0-6.oe2203sp1.noarch",
+						"openEuler-22.03-LTS-SP3:python3-setuptools-59.4.0-6.oe2203sp3.noarch",
+						"openEuler-22.03-LTS-SP3:python-setuptools-help-59.4.0-6.oe2203sp3.noarch",
+						"openEuler-22.03-LTS-SP3:python-setuptools-59.4.0-6.oe2203sp3.noarch",
+						"openEuler-22.03-LTS-SP4:python3-setuptools-59.4.0-6.oe2203sp4.noarch",
+						"openEuler-22.03-LTS-SP4:python-setuptools-59.4.0-6.oe2203sp4.noarch",
+						"openEuler-22.03-LTS-SP4:python-setuptools-help-59.4.0-6.oe2203sp4.noarch",
+						"openEuler-24.03-LTS:python3-setuptools-68.0.0-2.oe2403.noarch",
+						"openEuler-24.03-LTS:python-setuptools-68.0.0-2.oe2403.noarch",
+						"openEuler-24.03-LTS:python-setuptools-help-68.0.0-2.oe2403.noarch",
+						"openEuler-20.03-LTS-SP4:python-setuptools-44.1.1-3.oe2003sp4.src",
+						"openEuler-22.03-LTS-SP1:python-setuptools-59.4.0-6.oe2203sp1.src",
+						"openEuler-22.03-LTS-SP3:python-setuptools-59.4.0-6.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP4:python-setuptools-59.4.0-6.oe2203sp4.src",
+						"openEuler-24.03-LTS:python-setuptools-68.0.0-2.oe2403.src"
+					],
+					"details":"python-setuptools security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1931"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"HIGH",
+						"baseScore":8.8,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-20.03-LTS-SP4:python-setuptools-44.1.1-3.oe2003sp4.noarch",
+						"openEuler-20.03-LTS-SP4:python3-setuptools-44.1.1-3.oe2003sp4.noarch",
+						"openEuler-20.03-LTS-SP4:python2-setuptools-44.1.1-3.oe2003sp4.noarch",
+						"openEuler-20.03-LTS-SP4:python-setuptools-help-44.1.1-3.oe2003sp4.noarch",
+						"openEuler-22.03-LTS-SP1:python3-setuptools-59.4.0-6.oe2203sp1.noarch",
+						"openEuler-22.03-LTS-SP1:python-setuptools-59.4.0-6.oe2203sp1.noarch",
+						"openEuler-22.03-LTS-SP1:python-setuptools-help-59.4.0-6.oe2203sp1.noarch",
+						"openEuler-22.03-LTS-SP3:python3-setuptools-59.4.0-6.oe2203sp3.noarch",
+						"openEuler-22.03-LTS-SP3:python-setuptools-help-59.4.0-6.oe2203sp3.noarch",
+						"openEuler-22.03-LTS-SP3:python-setuptools-59.4.0-6.oe2203sp3.noarch",
+						"openEuler-22.03-LTS-SP4:python3-setuptools-59.4.0-6.oe2203sp4.noarch",
+						"openEuler-22.03-LTS-SP4:python-setuptools-59.4.0-6.oe2203sp4.noarch",
+						"openEuler-22.03-LTS-SP4:python-setuptools-help-59.4.0-6.oe2203sp4.noarch",
+						"openEuler-24.03-LTS:python3-setuptools-68.0.0-2.oe2403.noarch",
+						"openEuler-24.03-LTS:python-setuptools-68.0.0-2.oe2403.noarch",
+						"openEuler-24.03-LTS:python-setuptools-help-68.0.0-2.oe2403.noarch",
+						"openEuler-20.03-LTS-SP4:python-setuptools-44.1.1-3.oe2003sp4.src",
+						"openEuler-22.03-LTS-SP1:python-setuptools-59.4.0-6.oe2203sp1.src",
+						"openEuler-22.03-LTS-SP3:python-setuptools-59.4.0-6.oe2203sp3.src",
+						"openEuler-22.03-LTS-SP4:python-setuptools-59.4.0-6.oe2203sp4.src",
+						"openEuler-24.03-LTS:python-setuptools-68.0.0-2.oe2403.src"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"High",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-6345"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1932.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1932.json
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1933.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1933.json
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1934.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1934.json
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1935.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1935.json
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1936.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1936.json
@ -0,0 +1,494 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"Medium"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"ffmpeg security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for ffmpeg is now available for openEuler-24.03-LTS.",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash.\n\nSecurity Fix(es):\n\nFFmpeg 7.0 is vulnerable to Buffer Overflow. There is a SEGV at libavcodec/hevcdec.c:2947:22 in hevc_frame_end.(CVE-2024-32228)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for ffmpeg is now available for openEuler-24.03-LTS.\n\nopenEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"Medium",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"ffmpeg",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1936",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/security-bulletins/detail?id=openEuler-SA-2024-1936"
+			},
+			{
+				"summary":"CVE-2024-32228",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-32228&packageName=ffmpeg"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-32228"
+			},
+			{
+				"summary":"openEuler-SA-2024-1936 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1936.json"
+			}
+		],
+		"title":"An update for ffmpeg is now available for openEuler-24.03-LTS",
+		"tracking":{
+			"initial_release_date":"2024-08-02T19:42:14+08:00",
+			"revision_history":[
+				{
+					"date":"2024-08-02T19:42:14+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				},
+        {
+					"date":"2024-08-05T11:31:14+08:00",
+					"summary":"final",
+					"number":"2.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-08-05T11:31:14+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-08-05T11:31:14+08:00",
+			"id":"openEuler-SA-2024-1936",
+			"version":"2.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"openEuler-24.03-LTS",
+									"name":"openEuler-24.03-LTS"
+								},
+								"name":"openEuler-24.03-LTS",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"ffmpeg-debuginfo-6.1.1-11.oe2403.aarch64.rpm",
+									"name":"ffmpeg-debuginfo-6.1.1-11.oe2403.aarch64.rpm"
+								},
+								"name":"ffmpeg-debuginfo-6.1.1-11.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"ffmpeg-6.1.1-11.oe2403.aarch64.rpm",
+									"name":"ffmpeg-6.1.1-11.oe2403.aarch64.rpm"
+								},
+								"name":"ffmpeg-6.1.1-11.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"libavdevice-6.1.1-11.oe2403.aarch64.rpm",
+									"name":"libavdevice-6.1.1-11.oe2403.aarch64.rpm"
+								},
+								"name":"libavdevice-6.1.1-11.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"ffmpeg-libs-6.1.1-11.oe2403.aarch64.rpm",
+									"name":"ffmpeg-libs-6.1.1-11.oe2403.aarch64.rpm"
+								},
+								"name":"ffmpeg-libs-6.1.1-11.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"ffmpeg-debugsource-6.1.1-11.oe2403.aarch64.rpm",
+									"name":"ffmpeg-debugsource-6.1.1-11.oe2403.aarch64.rpm"
+								},
+								"name":"ffmpeg-debugsource-6.1.1-11.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"ffmpeg-devel-6.1.1-11.oe2403.aarch64.rpm",
+									"name":"ffmpeg-devel-6.1.1-11.oe2403.aarch64.rpm"
+								},
+								"name":"ffmpeg-devel-6.1.1-11.oe2403.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"ffmpeg-6.1.1-11.oe2403.src.rpm",
+									"name":"ffmpeg-6.1.1-11.oe2403.src.rpm"
+								},
+								"name":"ffmpeg-6.1.1-11.oe2403.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"ffmpeg-debugsource-6.1.1-11.oe2403.x86_64.rpm",
+									"name":"ffmpeg-debugsource-6.1.1-11.oe2403.x86_64.rpm"
+								},
+								"name":"ffmpeg-debugsource-6.1.1-11.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"ffmpeg-libs-6.1.1-11.oe2403.x86_64.rpm",
+									"name":"ffmpeg-libs-6.1.1-11.oe2403.x86_64.rpm"
+								},
+								"name":"ffmpeg-libs-6.1.1-11.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"libavdevice-6.1.1-11.oe2403.x86_64.rpm",
+									"name":"libavdevice-6.1.1-11.oe2403.x86_64.rpm"
+								},
+								"name":"libavdevice-6.1.1-11.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"ffmpeg-debuginfo-6.1.1-11.oe2403.x86_64.rpm",
+									"name":"ffmpeg-debuginfo-6.1.1-11.oe2403.x86_64.rpm"
+								},
+								"name":"ffmpeg-debuginfo-6.1.1-11.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"ffmpeg-6.1.1-11.oe2403.x86_64.rpm",
+									"name":"ffmpeg-6.1.1-11.oe2403.x86_64.rpm"
+								},
+								"name":"ffmpeg-6.1.1-11.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"ffmpeg-devel-6.1.1-11.oe2403.x86_64.rpm",
+									"name":"ffmpeg-devel-6.1.1-11.oe2403.x86_64.rpm"
+								},
+								"name":"ffmpeg-devel-6.1.1-11.oe2403.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"ffmpeg-debuginfo-6.1.1-11.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:ffmpeg-debuginfo-6.1.1-11.oe2403.aarch64",
+					"name":"ffmpeg-debuginfo-6.1.1-11.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"ffmpeg-6.1.1-11.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:ffmpeg-6.1.1-11.oe2403.aarch64",
+					"name":"ffmpeg-6.1.1-11.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"libavdevice-6.1.1-11.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:libavdevice-6.1.1-11.oe2403.aarch64",
+					"name":"libavdevice-6.1.1-11.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"ffmpeg-libs-6.1.1-11.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:ffmpeg-libs-6.1.1-11.oe2403.aarch64",
+					"name":"ffmpeg-libs-6.1.1-11.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"ffmpeg-debugsource-6.1.1-11.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:ffmpeg-debugsource-6.1.1-11.oe2403.aarch64",
+					"name":"ffmpeg-debugsource-6.1.1-11.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"ffmpeg-devel-6.1.1-11.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:ffmpeg-devel-6.1.1-11.oe2403.aarch64",
+					"name":"ffmpeg-devel-6.1.1-11.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"ffmpeg-6.1.1-11.oe2403.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:ffmpeg-6.1.1-11.oe2403.src",
+					"name":"ffmpeg-6.1.1-11.oe2403.src as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"ffmpeg-debugsource-6.1.1-11.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:ffmpeg-debugsource-6.1.1-11.oe2403.x86_64",
+					"name":"ffmpeg-debugsource-6.1.1-11.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"ffmpeg-libs-6.1.1-11.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:ffmpeg-libs-6.1.1-11.oe2403.x86_64",
+					"name":"ffmpeg-libs-6.1.1-11.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"libavdevice-6.1.1-11.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:libavdevice-6.1.1-11.oe2403.x86_64",
+					"name":"libavdevice-6.1.1-11.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"ffmpeg-debuginfo-6.1.1-11.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:ffmpeg-debuginfo-6.1.1-11.oe2403.x86_64",
+					"name":"ffmpeg-debuginfo-6.1.1-11.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"ffmpeg-6.1.1-11.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:ffmpeg-6.1.1-11.oe2403.x86_64",
+					"name":"ffmpeg-6.1.1-11.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"ffmpeg-devel-6.1.1-11.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:ffmpeg-devel-6.1.1-11.oe2403.x86_64",
+					"name":"ffmpeg-devel-6.1.1-11.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2024-32228",
+			"notes":[
+				{
+					"text":"FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a SEGV at libavcodec/hevcdec.c:2947:22 in hevc_frame_end.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-24.03-LTS:ffmpeg-debuginfo-6.1.1-11.oe2403.aarch64",
+					"openEuler-24.03-LTS:ffmpeg-6.1.1-11.oe2403.aarch64",
+					"openEuler-24.03-LTS:libavdevice-6.1.1-11.oe2403.aarch64",
+					"openEuler-24.03-LTS:ffmpeg-libs-6.1.1-11.oe2403.aarch64",
+					"openEuler-24.03-LTS:ffmpeg-debugsource-6.1.1-11.oe2403.aarch64",
+					"openEuler-24.03-LTS:ffmpeg-devel-6.1.1-11.oe2403.aarch64",
+					"openEuler-24.03-LTS:ffmpeg-6.1.1-11.oe2403.src",
+					"openEuler-24.03-LTS:ffmpeg-debugsource-6.1.1-11.oe2403.x86_64",
+					"openEuler-24.03-LTS:ffmpeg-libs-6.1.1-11.oe2403.x86_64",
+					"openEuler-24.03-LTS:libavdevice-6.1.1-11.oe2403.x86_64",
+					"openEuler-24.03-LTS:ffmpeg-debuginfo-6.1.1-11.oe2403.x86_64",
+					"openEuler-24.03-LTS:ffmpeg-6.1.1-11.oe2403.x86_64",
+					"openEuler-24.03-LTS:ffmpeg-devel-6.1.1-11.oe2403.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-24.03-LTS:ffmpeg-debuginfo-6.1.1-11.oe2403.aarch64",
+						"openEuler-24.03-LTS:ffmpeg-6.1.1-11.oe2403.aarch64",
+						"openEuler-24.03-LTS:libavdevice-6.1.1-11.oe2403.aarch64",
+						"openEuler-24.03-LTS:ffmpeg-libs-6.1.1-11.oe2403.aarch64",
+						"openEuler-24.03-LTS:ffmpeg-debugsource-6.1.1-11.oe2403.aarch64",
+						"openEuler-24.03-LTS:ffmpeg-devel-6.1.1-11.oe2403.aarch64",
+						"openEuler-24.03-LTS:ffmpeg-6.1.1-11.oe2403.src",
+						"openEuler-24.03-LTS:ffmpeg-debugsource-6.1.1-11.oe2403.x86_64",
+						"openEuler-24.03-LTS:ffmpeg-libs-6.1.1-11.oe2403.x86_64",
+						"openEuler-24.03-LTS:libavdevice-6.1.1-11.oe2403.x86_64",
+						"openEuler-24.03-LTS:ffmpeg-debuginfo-6.1.1-11.oe2403.x86_64",
+						"openEuler-24.03-LTS:ffmpeg-6.1.1-11.oe2403.x86_64",
+						"openEuler-24.03-LTS:ffmpeg-devel-6.1.1-11.oe2403.x86_64"
+					],
+					"details":"ffmpeg security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1936"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":6.3,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-24.03-LTS:ffmpeg-debuginfo-6.1.1-11.oe2403.aarch64",
+						"openEuler-24.03-LTS:ffmpeg-6.1.1-11.oe2403.aarch64",
+						"openEuler-24.03-LTS:libavdevice-6.1.1-11.oe2403.aarch64",
+						"openEuler-24.03-LTS:ffmpeg-libs-6.1.1-11.oe2403.aarch64",
+						"openEuler-24.03-LTS:ffmpeg-debugsource-6.1.1-11.oe2403.aarch64",
+						"openEuler-24.03-LTS:ffmpeg-devel-6.1.1-11.oe2403.aarch64",
+						"openEuler-24.03-LTS:ffmpeg-6.1.1-11.oe2403.src",
+						"openEuler-24.03-LTS:ffmpeg-debugsource-6.1.1-11.oe2403.x86_64",
+						"openEuler-24.03-LTS:ffmpeg-libs-6.1.1-11.oe2403.x86_64",
+						"openEuler-24.03-LTS:libavdevice-6.1.1-11.oe2403.x86_64",
+						"openEuler-24.03-LTS:ffmpeg-debuginfo-6.1.1-11.oe2403.x86_64",
+						"openEuler-24.03-LTS:ffmpeg-6.1.1-11.oe2403.x86_64",
+						"openEuler-24.03-LTS:ffmpeg-devel-6.1.1-11.oe2403.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-32228"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1937.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1937.json
@ -0,0 +1,753 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"High"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"plasma-workspace security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for plasma-workspace is now available for openEuler-24.03-LTS.",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"Plasma 5 libraries and runtime components\n\nSecurity Fix(es):\n\nKSmserver in KDE Plasma Workspace (aka plasma-workspace) before 5.27.11.1 and 6.x before 6.0.5.1 allows connections via ICE based purely on the host, i.e., all local connections are accepted. This allows another user on the same machine to gain access to the session manager, e.g., use the session-restore feature to execute arbitrary code as the victim (on the next boot) via earlier use of the /tmp directory.(CVE-2024-36041)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for plasma-workspace is now available for openEuler-24.03-LTS.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"High",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"plasma-workspace",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1937",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/security-bulletins/detail?id=openEuler-SA-2024-1937"
+			},
+			{
+				"summary":"CVE-2024-36041",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-36041&packageName=plasma-workspace"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-36041"
+			},
+			{
+				"summary":"openEuler-SA-2024-1937 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1937.json"
+			}
+		],
+		"title":"An update for plasma-workspace is now available for openEuler-24.03-LTS",
+		"tracking":{
+			"initial_release_date":"2024-08-02T19:42:15+08:00",
+			"revision_history":[
+				{
+					"date":"2024-08-02T19:42:15+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				},
+        {
+					"date":"2024-08-05T11:31:15+08:00",
+					"summary":"final",
+					"number":"2.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-08-05T11:31:15+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-08-05T11:31:15+08:00",
+			"id":"openEuler-SA-2024-1937",
+			"version":"2.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"openEuler-24.03-LTS",
+									"name":"openEuler-24.03-LTS"
+								},
+								"name":"openEuler-24.03-LTS",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"plasma-workspace-geolocation-libs-5.27.10-2.oe2403.aarch64.rpm",
+									"name":"plasma-workspace-geolocation-libs-5.27.10-2.oe2403.aarch64.rpm"
+								},
+								"name":"plasma-workspace-geolocation-libs-5.27.10-2.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"plasma-workspace-debuginfo-5.27.10-2.oe2403.aarch64.rpm",
+									"name":"plasma-workspace-debuginfo-5.27.10-2.oe2403.aarch64.rpm"
+								},
+								"name":"plasma-workspace-debuginfo-5.27.10-2.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"libkworkspace5-5.27.10-2.oe2403.aarch64.rpm",
+									"name":"libkworkspace5-5.27.10-2.oe2403.aarch64.rpm"
+								},
+								"name":"libkworkspace5-5.27.10-2.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"plasma-workspace-common-5.27.10-2.oe2403.aarch64.rpm",
+									"name":"plasma-workspace-common-5.27.10-2.oe2403.aarch64.rpm"
+								},
+								"name":"plasma-workspace-common-5.27.10-2.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"plasma-workspace-wayland-5.27.10-2.oe2403.aarch64.rpm",
+									"name":"plasma-workspace-wayland-5.27.10-2.oe2403.aarch64.rpm"
+								},
+								"name":"plasma-workspace-wayland-5.27.10-2.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"plasma-workspace-libs-5.27.10-2.oe2403.aarch64.rpm",
+									"name":"plasma-workspace-libs-5.27.10-2.oe2403.aarch64.rpm"
+								},
+								"name":"plasma-workspace-libs-5.27.10-2.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"plasma-workspace-geolocation-5.27.10-2.oe2403.aarch64.rpm",
+									"name":"plasma-workspace-geolocation-5.27.10-2.oe2403.aarch64.rpm"
+								},
+								"name":"plasma-workspace-geolocation-5.27.10-2.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"plasma-workspace-debugsource-5.27.10-2.oe2403.aarch64.rpm",
+									"name":"plasma-workspace-debugsource-5.27.10-2.oe2403.aarch64.rpm"
+								},
+								"name":"plasma-workspace-debugsource-5.27.10-2.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"plasma-workspace-5.27.10-2.oe2403.aarch64.rpm",
+									"name":"plasma-workspace-5.27.10-2.oe2403.aarch64.rpm"
+								},
+								"name":"plasma-workspace-5.27.10-2.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"plasma-workspace-devel-5.27.10-2.oe2403.aarch64.rpm",
+									"name":"plasma-workspace-devel-5.27.10-2.oe2403.aarch64.rpm"
+								},
+								"name":"plasma-workspace-devel-5.27.10-2.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"plasma-workspace-x11-5.27.10-2.oe2403.aarch64.rpm",
+									"name":"plasma-workspace-x11-5.27.10-2.oe2403.aarch64.rpm"
+								},
+								"name":"plasma-workspace-x11-5.27.10-2.oe2403.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"noarch",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"plasma-workspace-doc-5.27.10-2.oe2403.noarch.rpm",
+									"name":"plasma-workspace-doc-5.27.10-2.oe2403.noarch.rpm"
+								},
+								"name":"plasma-workspace-doc-5.27.10-2.oe2403.noarch.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"plasma-workspace-5.27.10-2.oe2403.src.rpm",
+									"name":"plasma-workspace-5.27.10-2.oe2403.src.rpm"
+								},
+								"name":"plasma-workspace-5.27.10-2.oe2403.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"plasma-workspace-5.27.10-2.oe2403.x86_64.rpm",
+									"name":"plasma-workspace-5.27.10-2.oe2403.x86_64.rpm"
+								},
+								"name":"plasma-workspace-5.27.10-2.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"plasma-workspace-wayland-5.27.10-2.oe2403.x86_64.rpm",
+									"name":"plasma-workspace-wayland-5.27.10-2.oe2403.x86_64.rpm"
+								},
+								"name":"plasma-workspace-wayland-5.27.10-2.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"plasma-workspace-libs-5.27.10-2.oe2403.x86_64.rpm",
+									"name":"plasma-workspace-libs-5.27.10-2.oe2403.x86_64.rpm"
+								},
+								"name":"plasma-workspace-libs-5.27.10-2.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"plasma-workspace-geolocation-libs-5.27.10-2.oe2403.x86_64.rpm",
+									"name":"plasma-workspace-geolocation-libs-5.27.10-2.oe2403.x86_64.rpm"
+								},
+								"name":"plasma-workspace-geolocation-libs-5.27.10-2.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"plasma-workspace-geolocation-5.27.10-2.oe2403.x86_64.rpm",
+									"name":"plasma-workspace-geolocation-5.27.10-2.oe2403.x86_64.rpm"
+								},
+								"name":"plasma-workspace-geolocation-5.27.10-2.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"plasma-workspace-debuginfo-5.27.10-2.oe2403.x86_64.rpm",
+									"name":"plasma-workspace-debuginfo-5.27.10-2.oe2403.x86_64.rpm"
+								},
+								"name":"plasma-workspace-debuginfo-5.27.10-2.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"plasma-workspace-common-5.27.10-2.oe2403.x86_64.rpm",
+									"name":"plasma-workspace-common-5.27.10-2.oe2403.x86_64.rpm"
+								},
+								"name":"plasma-workspace-common-5.27.10-2.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"plasma-workspace-debugsource-5.27.10-2.oe2403.x86_64.rpm",
+									"name":"plasma-workspace-debugsource-5.27.10-2.oe2403.x86_64.rpm"
+								},
+								"name":"plasma-workspace-debugsource-5.27.10-2.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"plasma-workspace-x11-5.27.10-2.oe2403.x86_64.rpm",
+									"name":"plasma-workspace-x11-5.27.10-2.oe2403.x86_64.rpm"
+								},
+								"name":"plasma-workspace-x11-5.27.10-2.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"plasma-workspace-devel-5.27.10-2.oe2403.x86_64.rpm",
+									"name":"plasma-workspace-devel-5.27.10-2.oe2403.x86_64.rpm"
+								},
+								"name":"plasma-workspace-devel-5.27.10-2.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"libkworkspace5-5.27.10-2.oe2403.x86_64.rpm",
+									"name":"libkworkspace5-5.27.10-2.oe2403.x86_64.rpm"
+								},
+								"name":"libkworkspace5-5.27.10-2.oe2403.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"plasma-workspace-geolocation-libs-5.27.10-2.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:plasma-workspace-geolocation-libs-5.27.10-2.oe2403.aarch64",
+					"name":"plasma-workspace-geolocation-libs-5.27.10-2.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"plasma-workspace-debuginfo-5.27.10-2.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:plasma-workspace-debuginfo-5.27.10-2.oe2403.aarch64",
+					"name":"plasma-workspace-debuginfo-5.27.10-2.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"libkworkspace5-5.27.10-2.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:libkworkspace5-5.27.10-2.oe2403.aarch64",
+					"name":"libkworkspace5-5.27.10-2.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"plasma-workspace-common-5.27.10-2.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:plasma-workspace-common-5.27.10-2.oe2403.aarch64",
+					"name":"plasma-workspace-common-5.27.10-2.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"plasma-workspace-wayland-5.27.10-2.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:plasma-workspace-wayland-5.27.10-2.oe2403.aarch64",
+					"name":"plasma-workspace-wayland-5.27.10-2.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"plasma-workspace-libs-5.27.10-2.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:plasma-workspace-libs-5.27.10-2.oe2403.aarch64",
+					"name":"plasma-workspace-libs-5.27.10-2.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"plasma-workspace-geolocation-5.27.10-2.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:plasma-workspace-geolocation-5.27.10-2.oe2403.aarch64",
+					"name":"plasma-workspace-geolocation-5.27.10-2.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"plasma-workspace-debugsource-5.27.10-2.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:plasma-workspace-debugsource-5.27.10-2.oe2403.aarch64",
+					"name":"plasma-workspace-debugsource-5.27.10-2.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"plasma-workspace-5.27.10-2.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:plasma-workspace-5.27.10-2.oe2403.aarch64",
+					"name":"plasma-workspace-5.27.10-2.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"plasma-workspace-devel-5.27.10-2.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:plasma-workspace-devel-5.27.10-2.oe2403.aarch64",
+					"name":"plasma-workspace-devel-5.27.10-2.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"plasma-workspace-x11-5.27.10-2.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:plasma-workspace-x11-5.27.10-2.oe2403.aarch64",
+					"name":"plasma-workspace-x11-5.27.10-2.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"plasma-workspace-doc-5.27.10-2.oe2403.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:plasma-workspace-doc-5.27.10-2.oe2403.noarch",
+					"name":"plasma-workspace-doc-5.27.10-2.oe2403.noarch as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"plasma-workspace-5.27.10-2.oe2403.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:plasma-workspace-5.27.10-2.oe2403.src",
+					"name":"plasma-workspace-5.27.10-2.oe2403.src as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"plasma-workspace-5.27.10-2.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:plasma-workspace-5.27.10-2.oe2403.x86_64",
+					"name":"plasma-workspace-5.27.10-2.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"plasma-workspace-wayland-5.27.10-2.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:plasma-workspace-wayland-5.27.10-2.oe2403.x86_64",
+					"name":"plasma-workspace-wayland-5.27.10-2.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"plasma-workspace-libs-5.27.10-2.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:plasma-workspace-libs-5.27.10-2.oe2403.x86_64",
+					"name":"plasma-workspace-libs-5.27.10-2.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"plasma-workspace-geolocation-libs-5.27.10-2.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:plasma-workspace-geolocation-libs-5.27.10-2.oe2403.x86_64",
+					"name":"plasma-workspace-geolocation-libs-5.27.10-2.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"plasma-workspace-geolocation-5.27.10-2.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:plasma-workspace-geolocation-5.27.10-2.oe2403.x86_64",
+					"name":"plasma-workspace-geolocation-5.27.10-2.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"plasma-workspace-debuginfo-5.27.10-2.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:plasma-workspace-debuginfo-5.27.10-2.oe2403.x86_64",
+					"name":"plasma-workspace-debuginfo-5.27.10-2.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"plasma-workspace-common-5.27.10-2.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:plasma-workspace-common-5.27.10-2.oe2403.x86_64",
+					"name":"plasma-workspace-common-5.27.10-2.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"plasma-workspace-debugsource-5.27.10-2.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:plasma-workspace-debugsource-5.27.10-2.oe2403.x86_64",
+					"name":"plasma-workspace-debugsource-5.27.10-2.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"plasma-workspace-x11-5.27.10-2.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:plasma-workspace-x11-5.27.10-2.oe2403.x86_64",
+					"name":"plasma-workspace-x11-5.27.10-2.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"plasma-workspace-devel-5.27.10-2.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:plasma-workspace-devel-5.27.10-2.oe2403.x86_64",
+					"name":"plasma-workspace-devel-5.27.10-2.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"libkworkspace5-5.27.10-2.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:libkworkspace5-5.27.10-2.oe2403.x86_64",
+					"name":"libkworkspace5-5.27.10-2.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2024-36041",
+			"notes":[
+				{
+					"text":"KSmserver in KDE Plasma Workspace (aka plasma-workspace) before 5.27.11.1 and 6.x before 6.0.5.1 allows connections via ICE based purely on the host, i.e., all local connections are accepted. This allows another user on the same machine to gain access to the session manager, e.g., use the session-restore feature to execute arbitrary code as the victim (on the next boot) via earlier use of the /tmp directory.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-24.03-LTS:plasma-workspace-geolocation-libs-5.27.10-2.oe2403.aarch64",
+					"openEuler-24.03-LTS:plasma-workspace-debuginfo-5.27.10-2.oe2403.aarch64",
+					"openEuler-24.03-LTS:libkworkspace5-5.27.10-2.oe2403.aarch64",
+					"openEuler-24.03-LTS:plasma-workspace-common-5.27.10-2.oe2403.aarch64",
+					"openEuler-24.03-LTS:plasma-workspace-wayland-5.27.10-2.oe2403.aarch64",
+					"openEuler-24.03-LTS:plasma-workspace-libs-5.27.10-2.oe2403.aarch64",
+					"openEuler-24.03-LTS:plasma-workspace-geolocation-5.27.10-2.oe2403.aarch64",
+					"openEuler-24.03-LTS:plasma-workspace-debugsource-5.27.10-2.oe2403.aarch64",
+					"openEuler-24.03-LTS:plasma-workspace-5.27.10-2.oe2403.aarch64",
+					"openEuler-24.03-LTS:plasma-workspace-devel-5.27.10-2.oe2403.aarch64",
+					"openEuler-24.03-LTS:plasma-workspace-x11-5.27.10-2.oe2403.aarch64",
+					"openEuler-24.03-LTS:plasma-workspace-doc-5.27.10-2.oe2403.noarch",
+					"openEuler-24.03-LTS:plasma-workspace-5.27.10-2.oe2403.src",
+					"openEuler-24.03-LTS:plasma-workspace-5.27.10-2.oe2403.x86_64",
+					"openEuler-24.03-LTS:plasma-workspace-wayland-5.27.10-2.oe2403.x86_64",
+					"openEuler-24.03-LTS:plasma-workspace-libs-5.27.10-2.oe2403.x86_64",
+					"openEuler-24.03-LTS:plasma-workspace-geolocation-libs-5.27.10-2.oe2403.x86_64",
+					"openEuler-24.03-LTS:plasma-workspace-geolocation-5.27.10-2.oe2403.x86_64",
+					"openEuler-24.03-LTS:plasma-workspace-debuginfo-5.27.10-2.oe2403.x86_64",
+					"openEuler-24.03-LTS:plasma-workspace-common-5.27.10-2.oe2403.x86_64",
+					"openEuler-24.03-LTS:plasma-workspace-debugsource-5.27.10-2.oe2403.x86_64",
+					"openEuler-24.03-LTS:plasma-workspace-x11-5.27.10-2.oe2403.x86_64",
+					"openEuler-24.03-LTS:plasma-workspace-devel-5.27.10-2.oe2403.x86_64",
+					"openEuler-24.03-LTS:libkworkspace5-5.27.10-2.oe2403.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-24.03-LTS:plasma-workspace-geolocation-libs-5.27.10-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:plasma-workspace-debuginfo-5.27.10-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:libkworkspace5-5.27.10-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:plasma-workspace-common-5.27.10-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:plasma-workspace-wayland-5.27.10-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:plasma-workspace-libs-5.27.10-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:plasma-workspace-geolocation-5.27.10-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:plasma-workspace-debugsource-5.27.10-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:plasma-workspace-5.27.10-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:plasma-workspace-devel-5.27.10-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:plasma-workspace-x11-5.27.10-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:plasma-workspace-doc-5.27.10-2.oe2403.noarch",
+						"openEuler-24.03-LTS:plasma-workspace-5.27.10-2.oe2403.src",
+						"openEuler-24.03-LTS:plasma-workspace-5.27.10-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:plasma-workspace-wayland-5.27.10-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:plasma-workspace-libs-5.27.10-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:plasma-workspace-geolocation-libs-5.27.10-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:plasma-workspace-geolocation-5.27.10-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:plasma-workspace-debuginfo-5.27.10-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:plasma-workspace-common-5.27.10-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:plasma-workspace-debugsource-5.27.10-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:plasma-workspace-x11-5.27.10-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:plasma-workspace-devel-5.27.10-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:libkworkspace5-5.27.10-2.oe2403.x86_64"
+					],
+					"details":"plasma-workspace security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1937"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"HIGH",
+						"baseScore":7.8,
+						"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-24.03-LTS:plasma-workspace-geolocation-libs-5.27.10-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:plasma-workspace-debuginfo-5.27.10-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:libkworkspace5-5.27.10-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:plasma-workspace-common-5.27.10-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:plasma-workspace-wayland-5.27.10-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:plasma-workspace-libs-5.27.10-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:plasma-workspace-geolocation-5.27.10-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:plasma-workspace-debugsource-5.27.10-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:plasma-workspace-5.27.10-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:plasma-workspace-devel-5.27.10-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:plasma-workspace-x11-5.27.10-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:plasma-workspace-doc-5.27.10-2.oe2403.noarch",
+						"openEuler-24.03-LTS:plasma-workspace-5.27.10-2.oe2403.src",
+						"openEuler-24.03-LTS:plasma-workspace-5.27.10-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:plasma-workspace-wayland-5.27.10-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:plasma-workspace-libs-5.27.10-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:plasma-workspace-geolocation-libs-5.27.10-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:plasma-workspace-geolocation-5.27.10-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:plasma-workspace-debuginfo-5.27.10-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:plasma-workspace-common-5.27.10-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:plasma-workspace-debugsource-5.27.10-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:plasma-workspace-x11-5.27.10-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:plasma-workspace-devel-5.27.10-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:libkworkspace5-5.27.10-2.oe2403.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"High",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-36041"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1938.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1938.json
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1939.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1939.json
@ -0,0 +1,429 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"High"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"firefox security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for firefox is now available for openEuler-24.03-LTS.",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"Mozilla Firefox is a standalone web browser, designed for standards compliance and performance.  Its functionality can be enhanced via a plethora of extensions.\n\nSecurity Fix(es):\n\nIf a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.(CVE-2024-5688)\n\nA mismatch between allocator and deallocator could have lead to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.(CVE-2024-6602)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for firefox is now available for openEuler-24.03-LTS.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"High",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"firefox",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1939",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/security-bulletins/detail?id=openEuler-SA-2024-1939"
+			},
+			{
+				"summary":"CVE-2024-5688",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-5688&packageName=firefox"
+			},
+			{
+				"summary":"CVE-2024-6602",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-6602&packageName=firefox"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-5688"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-6602"
+			},
+			{
+				"summary":"openEuler-SA-2024-1939 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1939.json"
+			}
+		],
+		"title":"An update for firefox is now available for openEuler-24.03-LTS",
+		"tracking":{
+			"initial_release_date":"2024-08-02T19:42:17+08:00",
+			"revision_history":[
+				{
+					"date":"2024-08-02T19:42:17+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				},
+        {
+					"date":"2024-08-05T11:31:17+08:00",
+					"summary":"final",
+					"number":"2.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-08-05T11:31:17+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-08-05T11:31:17+08:00",
+			"id":"openEuler-SA-2024-1939",
+			"version":"2.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"openEuler-24.03-LTS",
+									"name":"openEuler-24.03-LTS"
+								},
+								"name":"openEuler-24.03-LTS",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"firefox-debugsource-115.13.0-1.oe2403.aarch64.rpm",
+									"name":"firefox-debugsource-115.13.0-1.oe2403.aarch64.rpm"
+								},
+								"name":"firefox-debugsource-115.13.0-1.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"firefox-debuginfo-115.13.0-1.oe2403.aarch64.rpm",
+									"name":"firefox-debuginfo-115.13.0-1.oe2403.aarch64.rpm"
+								},
+								"name":"firefox-debuginfo-115.13.0-1.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"firefox-115.13.0-1.oe2403.aarch64.rpm",
+									"name":"firefox-115.13.0-1.oe2403.aarch64.rpm"
+								},
+								"name":"firefox-115.13.0-1.oe2403.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"firefox-115.13.0-1.oe2403.src.rpm",
+									"name":"firefox-115.13.0-1.oe2403.src.rpm"
+								},
+								"name":"firefox-115.13.0-1.oe2403.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"firefox-debugsource-115.13.0-1.oe2403.x86_64.rpm",
+									"name":"firefox-debugsource-115.13.0-1.oe2403.x86_64.rpm"
+								},
+								"name":"firefox-debugsource-115.13.0-1.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"firefox-debuginfo-115.13.0-1.oe2403.x86_64.rpm",
+									"name":"firefox-debuginfo-115.13.0-1.oe2403.x86_64.rpm"
+								},
+								"name":"firefox-debuginfo-115.13.0-1.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"firefox-115.13.0-1.oe2403.x86_64.rpm",
+									"name":"firefox-115.13.0-1.oe2403.x86_64.rpm"
+								},
+								"name":"firefox-115.13.0-1.oe2403.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"firefox-debugsource-115.13.0-1.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:firefox-debugsource-115.13.0-1.oe2403.aarch64",
+					"name":"firefox-debugsource-115.13.0-1.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"firefox-debuginfo-115.13.0-1.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:firefox-debuginfo-115.13.0-1.oe2403.aarch64",
+					"name":"firefox-debuginfo-115.13.0-1.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"firefox-115.13.0-1.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:firefox-115.13.0-1.oe2403.aarch64",
+					"name":"firefox-115.13.0-1.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"firefox-115.13.0-1.oe2403.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:firefox-115.13.0-1.oe2403.src",
+					"name":"firefox-115.13.0-1.oe2403.src as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"firefox-debugsource-115.13.0-1.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:firefox-debugsource-115.13.0-1.oe2403.x86_64",
+					"name":"firefox-debugsource-115.13.0-1.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"firefox-debuginfo-115.13.0-1.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:firefox-debuginfo-115.13.0-1.oe2403.x86_64",
+					"name":"firefox-debuginfo-115.13.0-1.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"firefox-115.13.0-1.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:firefox-115.13.0-1.oe2403.x86_64",
+					"name":"firefox-115.13.0-1.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2024-5688",
+			"notes":[
+				{
+					"text":"If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-24.03-LTS:firefox-debugsource-115.13.0-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:firefox-debuginfo-115.13.0-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:firefox-115.13.0-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:firefox-115.13.0-1.oe2403.src",
+					"openEuler-24.03-LTS:firefox-debugsource-115.13.0-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:firefox-debuginfo-115.13.0-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:firefox-115.13.0-1.oe2403.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-24.03-LTS:firefox-debugsource-115.13.0-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:firefox-debuginfo-115.13.0-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:firefox-115.13.0-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:firefox-115.13.0-1.oe2403.src",
+						"openEuler-24.03-LTS:firefox-debugsource-115.13.0-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:firefox-debuginfo-115.13.0-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:firefox-115.13.0-1.oe2403.x86_64"
+					],
+					"details":"firefox security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1939"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"HIGH",
+						"baseScore":7.5,
+						"vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-24.03-LTS:firefox-debugsource-115.13.0-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:firefox-debuginfo-115.13.0-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:firefox-115.13.0-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:firefox-115.13.0-1.oe2403.src",
+						"openEuler-24.03-LTS:firefox-debugsource-115.13.0-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:firefox-debuginfo-115.13.0-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:firefox-115.13.0-1.oe2403.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"High",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-5688"
+		},
+		{
+			"cve":"CVE-2024-6602",
+			"notes":[
+				{
+					"text":"A mismatch between allocator and deallocator could have lead to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-24.03-LTS:firefox-debugsource-115.13.0-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:firefox-debuginfo-115.13.0-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:firefox-115.13.0-1.oe2403.aarch64",
+					"openEuler-24.03-LTS:firefox-115.13.0-1.oe2403.src",
+					"openEuler-24.03-LTS:firefox-debugsource-115.13.0-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:firefox-debuginfo-115.13.0-1.oe2403.x86_64",
+					"openEuler-24.03-LTS:firefox-115.13.0-1.oe2403.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-24.03-LTS:firefox-debugsource-115.13.0-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:firefox-debuginfo-115.13.0-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:firefox-115.13.0-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:firefox-115.13.0-1.oe2403.src",
+						"openEuler-24.03-LTS:firefox-debugsource-115.13.0-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:firefox-debuginfo-115.13.0-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:firefox-115.13.0-1.oe2403.x86_64"
+					],
+					"details":"firefox security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1939"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":6.1,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-24.03-LTS:firefox-debugsource-115.13.0-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:firefox-debuginfo-115.13.0-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:firefox-115.13.0-1.oe2403.aarch64",
+						"openEuler-24.03-LTS:firefox-115.13.0-1.oe2403.src",
+						"openEuler-24.03-LTS:firefox-debugsource-115.13.0-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:firefox-debuginfo-115.13.0-1.oe2403.x86_64",
+						"openEuler-24.03-LTS:firefox-115.13.0-1.oe2403.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-6602"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1940.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1940.json
@ -0,0 +1,669 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"High"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"python3 security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for python3 is now available for openEuler-24.03-LTS.",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C++ (or other languages, depending on the chosen implementation). Python is also usable as an extension language for applications written in other languages that need easy-to-use scripting or automation interfaces.\n\nSecurity Fix(es):\n\nA defect was discovered in the Python “ssl” module where there is a memory\nrace condition with the ssl.SSLContext methods “cert_store_stats()” and\n“get_ca_certs()”. The race condition can be triggered if the methods are\ncalled at the same time as certificates are loaded into the SSLContext,\nsuch as during the TLS handshake with a certificate directory configured.\nThis issue is fixed in CPython 3.10.14, 3.11.9, 3.12.3, and 3.13.0a5.(CVE-2024-0397)\n\nThe “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and ipaddress.IPv6Network classes, where values wouldn’t be returned in accordance with the latest information from the IANA Special-Purpose Address Registries.\n\nCPython 3.12.4 and 3.13.0a6 contain updated information from these registries and thus have the intended behavior.(CVE-2024-4032)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for python3 is now available for openEuler-24.03-LTS.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"High",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"python3",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1940",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/security-bulletins/detail?id=openEuler-SA-2024-1940"
+			},
+			{
+				"summary":"CVE-2024-0397",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-0397&packageName=python3"
+			},
+			{
+				"summary":"CVE-2024-4032",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-4032&packageName=python3"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-0397"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-4032"
+			},
+			{
+				"summary":"openEuler-SA-2024-1940 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1940.json"
+			}
+		],
+		"title":"An update for python3 is now available for openEuler-24.03-LTS",
+		"tracking":{
+			"initial_release_date":"2024-08-02T19:42:19+08:00",
+			"revision_history":[
+				{
+					"date":"2024-08-02T19:42:19+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				},
+        {
+					"date":"2024-08-05T11:31:19+08:00",
+					"summary":"final",
+					"number":"2.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-08-05T11:31:19+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-08-05T11:31:19+08:00",
+			"id":"openEuler-SA-2024-1940",
+			"version":"2.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"openEuler-24.03-LTS",
+									"name":"openEuler-24.03-LTS"
+								},
+								"name":"openEuler-24.03-LTS",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python3-devel-3.11.6-4.oe2403.aarch64.rpm",
+									"name":"python3-devel-3.11.6-4.oe2403.aarch64.rpm"
+								},
+								"name":"python3-devel-3.11.6-4.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python3-debuginfo-3.11.6-4.oe2403.aarch64.rpm",
+									"name":"python3-debuginfo-3.11.6-4.oe2403.aarch64.rpm"
+								},
+								"name":"python3-debuginfo-3.11.6-4.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python3-unversioned-command-3.11.6-4.oe2403.aarch64.rpm",
+									"name":"python3-unversioned-command-3.11.6-4.oe2403.aarch64.rpm"
+								},
+								"name":"python3-unversioned-command-3.11.6-4.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python3-debugsource-3.11.6-4.oe2403.aarch64.rpm",
+									"name":"python3-debugsource-3.11.6-4.oe2403.aarch64.rpm"
+								},
+								"name":"python3-debugsource-3.11.6-4.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python3-tkinter-3.11.6-4.oe2403.aarch64.rpm",
+									"name":"python3-tkinter-3.11.6-4.oe2403.aarch64.rpm"
+								},
+								"name":"python3-tkinter-3.11.6-4.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python3-debug-3.11.6-4.oe2403.aarch64.rpm",
+									"name":"python3-debug-3.11.6-4.oe2403.aarch64.rpm"
+								},
+								"name":"python3-debug-3.11.6-4.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python3-3.11.6-4.oe2403.aarch64.rpm",
+									"name":"python3-3.11.6-4.oe2403.aarch64.rpm"
+								},
+								"name":"python3-3.11.6-4.oe2403.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"noarch",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python3-help-3.11.6-4.oe2403.noarch.rpm",
+									"name":"python3-help-3.11.6-4.oe2403.noarch.rpm"
+								},
+								"name":"python3-help-3.11.6-4.oe2403.noarch.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python3-3.11.6-4.oe2403.src.rpm",
+									"name":"python3-3.11.6-4.oe2403.src.rpm"
+								},
+								"name":"python3-3.11.6-4.oe2403.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python3-unversioned-command-3.11.6-4.oe2403.x86_64.rpm",
+									"name":"python3-unversioned-command-3.11.6-4.oe2403.x86_64.rpm"
+								},
+								"name":"python3-unversioned-command-3.11.6-4.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python3-debuginfo-3.11.6-4.oe2403.x86_64.rpm",
+									"name":"python3-debuginfo-3.11.6-4.oe2403.x86_64.rpm"
+								},
+								"name":"python3-debuginfo-3.11.6-4.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python3-debugsource-3.11.6-4.oe2403.x86_64.rpm",
+									"name":"python3-debugsource-3.11.6-4.oe2403.x86_64.rpm"
+								},
+								"name":"python3-debugsource-3.11.6-4.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python3-tkinter-3.11.6-4.oe2403.x86_64.rpm",
+									"name":"python3-tkinter-3.11.6-4.oe2403.x86_64.rpm"
+								},
+								"name":"python3-tkinter-3.11.6-4.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python3-devel-3.11.6-4.oe2403.x86_64.rpm",
+									"name":"python3-devel-3.11.6-4.oe2403.x86_64.rpm"
+								},
+								"name":"python3-devel-3.11.6-4.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python3-debug-3.11.6-4.oe2403.x86_64.rpm",
+									"name":"python3-debug-3.11.6-4.oe2403.x86_64.rpm"
+								},
+								"name":"python3-debug-3.11.6-4.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python3-3.11.6-4.oe2403.x86_64.rpm",
+									"name":"python3-3.11.6-4.oe2403.x86_64.rpm"
+								},
+								"name":"python3-3.11.6-4.oe2403.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python3-devel-3.11.6-4.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python3-devel-3.11.6-4.oe2403.aarch64",
+					"name":"python3-devel-3.11.6-4.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python3-debuginfo-3.11.6-4.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python3-debuginfo-3.11.6-4.oe2403.aarch64",
+					"name":"python3-debuginfo-3.11.6-4.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python3-unversioned-command-3.11.6-4.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python3-unversioned-command-3.11.6-4.oe2403.aarch64",
+					"name":"python3-unversioned-command-3.11.6-4.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python3-debugsource-3.11.6-4.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python3-debugsource-3.11.6-4.oe2403.aarch64",
+					"name":"python3-debugsource-3.11.6-4.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python3-tkinter-3.11.6-4.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python3-tkinter-3.11.6-4.oe2403.aarch64",
+					"name":"python3-tkinter-3.11.6-4.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python3-debug-3.11.6-4.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python3-debug-3.11.6-4.oe2403.aarch64",
+					"name":"python3-debug-3.11.6-4.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python3-3.11.6-4.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python3-3.11.6-4.oe2403.aarch64",
+					"name":"python3-3.11.6-4.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python3-help-3.11.6-4.oe2403.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python3-help-3.11.6-4.oe2403.noarch",
+					"name":"python3-help-3.11.6-4.oe2403.noarch as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python3-3.11.6-4.oe2403.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python3-3.11.6-4.oe2403.src",
+					"name":"python3-3.11.6-4.oe2403.src as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python3-unversioned-command-3.11.6-4.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python3-unversioned-command-3.11.6-4.oe2403.x86_64",
+					"name":"python3-unversioned-command-3.11.6-4.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python3-debuginfo-3.11.6-4.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python3-debuginfo-3.11.6-4.oe2403.x86_64",
+					"name":"python3-debuginfo-3.11.6-4.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python3-debugsource-3.11.6-4.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python3-debugsource-3.11.6-4.oe2403.x86_64",
+					"name":"python3-debugsource-3.11.6-4.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python3-tkinter-3.11.6-4.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python3-tkinter-3.11.6-4.oe2403.x86_64",
+					"name":"python3-tkinter-3.11.6-4.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python3-devel-3.11.6-4.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python3-devel-3.11.6-4.oe2403.x86_64",
+					"name":"python3-devel-3.11.6-4.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python3-debug-3.11.6-4.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python3-debug-3.11.6-4.oe2403.x86_64",
+					"name":"python3-debug-3.11.6-4.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python3-3.11.6-4.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python3-3.11.6-4.oe2403.x86_64",
+					"name":"python3-3.11.6-4.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2024-0397",
+			"notes":[
+				{
+					"text":"A defect was discovered in the Python “ssl” module where there is a memoryrace condition with the ssl.SSLContext methods “cert_store_stats()” and“get_ca_certs()”. The race condition can be triggered if the methods arecalled at the same time as certificates are loaded into the SSLContext,such as during the TLS handshake with a certificate directory configured.This issue is fixed in CPython 3.10.14, 3.11.9, 3.12.3, and 3.13.0a5.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-24.03-LTS:python3-devel-3.11.6-4.oe2403.aarch64",
+					"openEuler-24.03-LTS:python3-debuginfo-3.11.6-4.oe2403.aarch64",
+					"openEuler-24.03-LTS:python3-unversioned-command-3.11.6-4.oe2403.aarch64",
+					"openEuler-24.03-LTS:python3-debugsource-3.11.6-4.oe2403.aarch64",
+					"openEuler-24.03-LTS:python3-tkinter-3.11.6-4.oe2403.aarch64",
+					"openEuler-24.03-LTS:python3-debug-3.11.6-4.oe2403.aarch64",
+					"openEuler-24.03-LTS:python3-3.11.6-4.oe2403.aarch64",
+					"openEuler-24.03-LTS:python3-help-3.11.6-4.oe2403.noarch",
+					"openEuler-24.03-LTS:python3-3.11.6-4.oe2403.src",
+					"openEuler-24.03-LTS:python3-unversioned-command-3.11.6-4.oe2403.x86_64",
+					"openEuler-24.03-LTS:python3-debuginfo-3.11.6-4.oe2403.x86_64",
+					"openEuler-24.03-LTS:python3-debugsource-3.11.6-4.oe2403.x86_64",
+					"openEuler-24.03-LTS:python3-tkinter-3.11.6-4.oe2403.x86_64",
+					"openEuler-24.03-LTS:python3-devel-3.11.6-4.oe2403.x86_64",
+					"openEuler-24.03-LTS:python3-debug-3.11.6-4.oe2403.x86_64",
+					"openEuler-24.03-LTS:python3-3.11.6-4.oe2403.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-24.03-LTS:python3-devel-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-debuginfo-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-unversioned-command-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-debugsource-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-tkinter-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-debug-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-help-3.11.6-4.oe2403.noarch",
+						"openEuler-24.03-LTS:python3-3.11.6-4.oe2403.src",
+						"openEuler-24.03-LTS:python3-unversioned-command-3.11.6-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-debuginfo-3.11.6-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-debugsource-3.11.6-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-tkinter-3.11.6-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-devel-3.11.6-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-debug-3.11.6-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-3.11.6-4.oe2403.x86_64"
+					],
+					"details":"python3 security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1940"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"HIGH",
+						"baseScore":7.4,
+						"vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-24.03-LTS:python3-devel-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-debuginfo-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-unversioned-command-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-debugsource-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-tkinter-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-debug-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-help-3.11.6-4.oe2403.noarch",
+						"openEuler-24.03-LTS:python3-3.11.6-4.oe2403.src",
+						"openEuler-24.03-LTS:python3-unversioned-command-3.11.6-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-debuginfo-3.11.6-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-debugsource-3.11.6-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-tkinter-3.11.6-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-devel-3.11.6-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-debug-3.11.6-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-3.11.6-4.oe2403.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"High",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-0397"
+		},
+		{
+			"cve":"CVE-2024-4032",
+			"notes":[
+				{
+					"text":"The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and ipaddress.IPv6Network classes, where values wouldn’t be returned in accordance with the latest information from the IANA Special-Purpose Address Registries.\n\nCPython 3.12.4 and 3.13.0a6 contain updated information from these registries and thus have the intended behavior.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-24.03-LTS:python3-devel-3.11.6-4.oe2403.aarch64",
+					"openEuler-24.03-LTS:python3-debuginfo-3.11.6-4.oe2403.aarch64",
+					"openEuler-24.03-LTS:python3-unversioned-command-3.11.6-4.oe2403.aarch64",
+					"openEuler-24.03-LTS:python3-debugsource-3.11.6-4.oe2403.aarch64",
+					"openEuler-24.03-LTS:python3-tkinter-3.11.6-4.oe2403.aarch64",
+					"openEuler-24.03-LTS:python3-debug-3.11.6-4.oe2403.aarch64",
+					"openEuler-24.03-LTS:python3-3.11.6-4.oe2403.aarch64",
+					"openEuler-24.03-LTS:python3-help-3.11.6-4.oe2403.noarch",
+					"openEuler-24.03-LTS:python3-3.11.6-4.oe2403.src",
+					"openEuler-24.03-LTS:python3-unversioned-command-3.11.6-4.oe2403.x86_64",
+					"openEuler-24.03-LTS:python3-debuginfo-3.11.6-4.oe2403.x86_64",
+					"openEuler-24.03-LTS:python3-debugsource-3.11.6-4.oe2403.x86_64",
+					"openEuler-24.03-LTS:python3-tkinter-3.11.6-4.oe2403.x86_64",
+					"openEuler-24.03-LTS:python3-devel-3.11.6-4.oe2403.x86_64",
+					"openEuler-24.03-LTS:python3-debug-3.11.6-4.oe2403.x86_64",
+					"openEuler-24.03-LTS:python3-3.11.6-4.oe2403.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-24.03-LTS:python3-devel-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-debuginfo-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-unversioned-command-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-debugsource-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-tkinter-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-debug-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-help-3.11.6-4.oe2403.noarch",
+						"openEuler-24.03-LTS:python3-3.11.6-4.oe2403.src",
+						"openEuler-24.03-LTS:python3-unversioned-command-3.11.6-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-debuginfo-3.11.6-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-debugsource-3.11.6-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-tkinter-3.11.6-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-devel-3.11.6-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-debug-3.11.6-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-3.11.6-4.oe2403.x86_64"
+					],
+					"details":"python3 security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1940"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"HIGH",
+						"baseScore":7.4,
+						"vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-24.03-LTS:python3-devel-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-debuginfo-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-unversioned-command-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-debugsource-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-tkinter-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-debug-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-3.11.6-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-help-3.11.6-4.oe2403.noarch",
+						"openEuler-24.03-LTS:python3-3.11.6-4.oe2403.src",
+						"openEuler-24.03-LTS:python3-unversioned-command-3.11.6-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-debuginfo-3.11.6-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-debugsource-3.11.6-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-tkinter-3.11.6-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-devel-3.11.6-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-debug-3.11.6-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-3.11.6-4.oe2403.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"High",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-4032"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1941.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1941.json
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1942.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1942.json
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1943.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1943.json
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1944.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1944.json
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1945.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1945.json
@ -0,0 +1,235 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"Medium"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"python-urllib3 security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for python-urllib3 is now available for openEuler-22.03-LTS-SP1.",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"Sanity-friendly HTTP client for Python\n\nSecurity Fix(es):\n\n urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with `ProxyManager`, the `Proxy-Authorization` header is only sent to the configured proxy, as expected. However, when sending HTTP requests *without* using urllib3's proxy support, it's possible to accidentally configure the `Proxy-Authorization` header even though it won't have any effect as the request is not using a forwarding proxy or a tunneling proxy. In those cases, urllib3 doesn't treat the `Proxy-Authorization` HTTP header as one carrying authentication material and thus doesn't strip the header on cross-origin redirects. Because this is a highly unlikely scenario, we believe the severity of this vulnerability is low for almost all users. Out of an abundance of caution urllib3 will automatically strip the `Proxy-Authorization` header during cross-origin redirects to avoid the small chance that users are doing this on accident. Users should use urllib3's proxy support or disable automatic redirects to achieve safe processing of the `Proxy-Authorization` header, but we still decided to strip the header by default in order to further protect users who aren't using the correct approach. We believe the number of usages affected by this advisory is low. It requires all of the following to be true to be exploited: 1. Setting the `Proxy-Authorization` header without using urllib3's built-in proxy support. 2. Not disabling HTTP redirects. 3. Either not using an HTTPS origin server or for the proxy or target origin to redirect to a malicious origin. Users are advised to update to either version 1.26.19 or version 2.2.2. Users unable to upgrade may use the `Proxy-Authorization` header with urllib3's `ProxyManager`, disable HTTP redirects using `redirects=False` when sending requests, or not user the `Proxy-Authorization` header as mitigations.(CVE-2024-37891)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for python-urllib3 is now available for openEuler-22.03-LTS-SP1.\n\nopenEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"Medium",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"python-urllib3",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1945",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/security-bulletins/detail?id=openEuler-SA-2024-1945"
+			},
+			{
+				"summary":"CVE-2024-37891",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-37891&packageName=python-urllib3"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-37891"
+			},
+			{
+				"summary":"openEuler-SA-2024-1945 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1945.json"
+			}
+		],
+		"title":"An update for python-urllib3 is now available for openEuler-22.03-LTS-SP1",
+		"tracking":{
+			"initial_release_date":"2024-08-02T19:42:28+08:00",
+			"revision_history":[
+				{
+					"date":"2024-08-02T19:42:28+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				},
+        {
+					"date":"2024-08-05T11:31:28+08:00",
+					"summary":"final",
+					"number":"2.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-08-05T11:31:28+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-08-05T11:31:28+08:00",
+			"id":"openEuler-SA-2024-1945",
+			"version":"2.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"openEuler-22.03-LTS-SP1",
+									"name":"openEuler-22.03-LTS-SP1"
+								},
+								"name":"openEuler-22.03-LTS-SP1",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"noarch",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"python3-urllib3-1.26.12-7.oe2203sp1.noarch.rpm",
+									"name":"python3-urllib3-1.26.12-7.oe2203sp1.noarch.rpm"
+								},
+								"name":"python3-urllib3-1.26.12-7.oe2203sp1.noarch.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP1"
+									},
+									"product_id":"python-urllib3-1.26.12-7.oe2203sp1.src.rpm",
+									"name":"python-urllib3-1.26.12-7.oe2203sp1.src.rpm"
+								},
+								"name":"python-urllib3-1.26.12-7.oe2203sp1.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"python3-urllib3-1.26.12-7.oe2203sp1.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:python3-urllib3-1.26.12-7.oe2203sp1.noarch",
+					"name":"python3-urllib3-1.26.12-7.oe2203sp1.noarch as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP1",
+				"product_reference":"python-urllib3-1.26.12-7.oe2203sp1.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP1:python-urllib3-1.26.12-7.oe2203sp1.src",
+					"name":"python-urllib3-1.26.12-7.oe2203sp1.src as a component of openEuler-22.03-LTS-SP1"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2024-37891",
+			"notes":[
+				{
+					"text":" urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with `ProxyManager`, the `Proxy-Authorization` header is only sent to the configured proxy, as expected. However, when sending HTTP requests *without* using urllib3's proxy support, it's possible to accidentally configure the `Proxy-Authorization` header even though it won't have any effect as the request is not using a forwarding proxy or a tunneling proxy. In those cases, urllib3 doesn't treat the `Proxy-Authorization` HTTP header as one carrying authentication material and thus doesn't strip the header on cross-origin redirects. Because this is a highly unlikely scenario, we believe the severity of this vulnerability is low for almost all users. Out of an abundance of caution urllib3 will automatically strip the `Proxy-Authorization` header during cross-origin redirects to avoid the small chance that users are doing this on accident. Users should use urllib3's proxy support or disable automatic redirects to achieve safe processing of the `Proxy-Authorization` header, but we still decided to strip the header by default in order to further protect users who aren't using the correct approach. We believe the number of usages affected by this advisory is low. It requires all of the following to be true to be exploited: 1. Setting the `Proxy-Authorization` header without using urllib3's built-in proxy support. 2. Not disabling HTTP redirects. 3. Either not using an HTTPS origin server or for the proxy or target origin to redirect to a malicious origin. Users are advised to update to either version 1.26.19 or version 2.2.2. Users unable to upgrade may use the `Proxy-Authorization` header with urllib3's `ProxyManager`, disable HTTP redirects using `redirects=False` when sending requests, or not user the `Proxy-Authorization` header as mitigations.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP1:python3-urllib3-1.26.12-7.oe2203sp1.noarch",
+					"openEuler-22.03-LTS-SP1:python-urllib3-1.26.12-7.oe2203sp1.src"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP1:python3-urllib3-1.26.12-7.oe2203sp1.noarch",
+						"openEuler-22.03-LTS-SP1:python-urllib3-1.26.12-7.oe2203sp1.src"
+					],
+					"details":"python-urllib3 security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1945"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":4.4,
+						"vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP1:python3-urllib3-1.26.12-7.oe2203sp1.noarch",
+						"openEuler-22.03-LTS-SP1:python-urllib3-1.26.12-7.oe2203sp1.src"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-37891"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1946.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1946.json
@ -0,0 +1,235 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"Medium"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"python-urllib3 security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for python-urllib3 is now available for openEuler-22.03-LTS-SP3.",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"Sanity-friendly HTTP client for Python\n\nSecurity Fix(es):\n\n urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with `ProxyManager`, the `Proxy-Authorization` header is only sent to the configured proxy, as expected. However, when sending HTTP requests *without* using urllib3's proxy support, it's possible to accidentally configure the `Proxy-Authorization` header even though it won't have any effect as the request is not using a forwarding proxy or a tunneling proxy. In those cases, urllib3 doesn't treat the `Proxy-Authorization` HTTP header as one carrying authentication material and thus doesn't strip the header on cross-origin redirects. Because this is a highly unlikely scenario, we believe the severity of this vulnerability is low for almost all users. Out of an abundance of caution urllib3 will automatically strip the `Proxy-Authorization` header during cross-origin redirects to avoid the small chance that users are doing this on accident. Users should use urllib3's proxy support or disable automatic redirects to achieve safe processing of the `Proxy-Authorization` header, but we still decided to strip the header by default in order to further protect users who aren't using the correct approach. We believe the number of usages affected by this advisory is low. It requires all of the following to be true to be exploited: 1. Setting the `Proxy-Authorization` header without using urllib3's built-in proxy support. 2. Not disabling HTTP redirects. 3. Either not using an HTTPS origin server or for the proxy or target origin to redirect to a malicious origin. Users are advised to update to either version 1.26.19 or version 2.2.2. Users unable to upgrade may use the `Proxy-Authorization` header with urllib3's `ProxyManager`, disable HTTP redirects using `redirects=False` when sending requests, or not user the `Proxy-Authorization` header as mitigations.(CVE-2024-37891)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for python-urllib3 is now available for openEuler-22.03-LTS-SP3.\n\nopenEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"Medium",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"python-urllib3",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1946",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/security-bulletins/detail?id=openEuler-SA-2024-1946"
+			},
+			{
+				"summary":"CVE-2024-37891",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-37891&packageName=python-urllib3"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-37891"
+			},
+			{
+				"summary":"openEuler-SA-2024-1946 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1946.json"
+			}
+		],
+		"title":"An update for python-urllib3 is now available for openEuler-22.03-LTS-SP3",
+		"tracking":{
+			"initial_release_date":"2024-08-02T19:42:29+08:00",
+			"revision_history":[
+				{
+					"date":"2024-08-02T19:42:29+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				},
+        {
+					"date":"2024-08-05T11:31:29+08:00",
+					"summary":"final",
+					"number":"2.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-08-05T11:31:29+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-08-05T11:31:29+08:00",
+			"id":"openEuler-SA-2024-1946",
+			"version":"2.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"openEuler-22.03-LTS-SP3",
+									"name":"openEuler-22.03-LTS-SP3"
+								},
+								"name":"openEuler-22.03-LTS-SP3",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"noarch",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"python3-urllib3-1.26.12-7.oe2203sp3.noarch.rpm",
+									"name":"python3-urllib3-1.26.12-7.oe2203sp3.noarch.rpm"
+								},
+								"name":"python3-urllib3-1.26.12-7.oe2203sp3.noarch.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
+									},
+									"product_id":"python-urllib3-1.26.12-7.oe2203sp3.src.rpm",
+									"name":"python-urllib3-1.26.12-7.oe2203sp3.src.rpm"
+								},
+								"name":"python-urllib3-1.26.12-7.oe2203sp3.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"python3-urllib3-1.26.12-7.oe2203sp3.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:python3-urllib3-1.26.12-7.oe2203sp3.noarch",
+					"name":"python3-urllib3-1.26.12-7.oe2203sp3.noarch as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
+				"product_reference":"python-urllib3-1.26.12-7.oe2203sp3.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-22.03-LTS-SP3:python-urllib3-1.26.12-7.oe2203sp3.src",
+					"name":"python-urllib3-1.26.12-7.oe2203sp3.src as a component of openEuler-22.03-LTS-SP3"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2024-37891",
+			"notes":[
+				{
+					"text":" urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with `ProxyManager`, the `Proxy-Authorization` header is only sent to the configured proxy, as expected. However, when sending HTTP requests *without* using urllib3's proxy support, it's possible to accidentally configure the `Proxy-Authorization` header even though it won't have any effect as the request is not using a forwarding proxy or a tunneling proxy. In those cases, urllib3 doesn't treat the `Proxy-Authorization` HTTP header as one carrying authentication material and thus doesn't strip the header on cross-origin redirects. Because this is a highly unlikely scenario, we believe the severity of this vulnerability is low for almost all users. Out of an abundance of caution urllib3 will automatically strip the `Proxy-Authorization` header during cross-origin redirects to avoid the small chance that users are doing this on accident. Users should use urllib3's proxy support or disable automatic redirects to achieve safe processing of the `Proxy-Authorization` header, but we still decided to strip the header by default in order to further protect users who aren't using the correct approach. We believe the number of usages affected by this advisory is low. It requires all of the following to be true to be exploited: 1. Setting the `Proxy-Authorization` header without using urllib3's built-in proxy support. 2. Not disabling HTTP redirects. 3. Either not using an HTTPS origin server or for the proxy or target origin to redirect to a malicious origin. Users are advised to update to either version 1.26.19 or version 2.2.2. Users unable to upgrade may use the `Proxy-Authorization` header with urllib3's `ProxyManager`, disable HTTP redirects using `redirects=False` when sending requests, or not user the `Proxy-Authorization` header as mitigations.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-22.03-LTS-SP3:python3-urllib3-1.26.12-7.oe2203sp3.noarch",
+					"openEuler-22.03-LTS-SP3:python-urllib3-1.26.12-7.oe2203sp3.src"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-22.03-LTS-SP3:python3-urllib3-1.26.12-7.oe2203sp3.noarch",
+						"openEuler-22.03-LTS-SP3:python-urllib3-1.26.12-7.oe2203sp3.src"
+					],
+					"details":"python-urllib3 security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1946"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":4.4,
+						"vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-22.03-LTS-SP3:python3-urllib3-1.26.12-7.oe2203sp3.noarch",
+						"openEuler-22.03-LTS-SP3:python-urllib3-1.26.12-7.oe2203sp3.src"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-37891"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1947.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1947.json
@ -0,0 +1,235 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"Medium"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"python-urllib3 security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for python-urllib3 is now available for openEuler-24.03-LTS.",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"Sanity-friendly HTTP client for Python\n\nSecurity Fix(es):\n\n urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with `ProxyManager`, the `Proxy-Authorization` header is only sent to the configured proxy, as expected. However, when sending HTTP requests *without* using urllib3's proxy support, it's possible to accidentally configure the `Proxy-Authorization` header even though it won't have any effect as the request is not using a forwarding proxy or a tunneling proxy. In those cases, urllib3 doesn't treat the `Proxy-Authorization` HTTP header as one carrying authentication material and thus doesn't strip the header on cross-origin redirects. Because this is a highly unlikely scenario, we believe the severity of this vulnerability is low for almost all users. Out of an abundance of caution urllib3 will automatically strip the `Proxy-Authorization` header during cross-origin redirects to avoid the small chance that users are doing this on accident. Users should use urllib3's proxy support or disable automatic redirects to achieve safe processing of the `Proxy-Authorization` header, but we still decided to strip the header by default in order to further protect users who aren't using the correct approach. We believe the number of usages affected by this advisory is low. It requires all of the following to be true to be exploited: 1. Setting the `Proxy-Authorization` header without using urllib3's built-in proxy support. 2. Not disabling HTTP redirects. 3. Either not using an HTTPS origin server or for the proxy or target origin to redirect to a malicious origin. Users are advised to update to either version 1.26.19 or version 2.2.2. Users unable to upgrade may use the `Proxy-Authorization` header with urllib3's `ProxyManager`, disable HTTP redirects using `redirects=False` when sending requests, or not user the `Proxy-Authorization` header as mitigations.(CVE-2024-37891)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for python-urllib3 is now available for openEuler-24.03-LTS.\n\nopenEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"Medium",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"python-urllib3",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1947",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/security-bulletins/detail?id=openEuler-SA-2024-1947"
+			},
+			{
+				"summary":"CVE-2024-37891",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-37891&packageName=python-urllib3"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-37891"
+			},
+			{
+				"summary":"openEuler-SA-2024-1947 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1947.json"
+			}
+		],
+		"title":"An update for python-urllib3 is now available for openEuler-24.03-LTS",
+		"tracking":{
+			"initial_release_date":"2024-08-02T19:42:30+08:00",
+			"revision_history":[
+				{
+					"date":"2024-08-02T19:42:30+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				},
+        {
+					"date":"2024-08-05T11:31:30+08:00",
+					"summary":"final",
+					"number":"2.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-08-05T11:31:30+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-08-05T11:31:30+08:00",
+			"id":"openEuler-SA-2024-1947",
+			"version":"2.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"openEuler-24.03-LTS",
+									"name":"openEuler-24.03-LTS"
+								},
+								"name":"openEuler-24.03-LTS",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"noarch",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python3-urllib3-1.26.18-2.oe2403.noarch.rpm",
+									"name":"python3-urllib3-1.26.18-2.oe2403.noarch.rpm"
+								},
+								"name":"python3-urllib3-1.26.18-2.oe2403.noarch.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python-urllib3-1.26.18-2.oe2403.src.rpm",
+									"name":"python-urllib3-1.26.18-2.oe2403.src.rpm"
+								},
+								"name":"python-urllib3-1.26.18-2.oe2403.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python3-urllib3-1.26.18-2.oe2403.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python3-urllib3-1.26.18-2.oe2403.noarch",
+					"name":"python3-urllib3-1.26.18-2.oe2403.noarch as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python-urllib3-1.26.18-2.oe2403.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python-urllib3-1.26.18-2.oe2403.src",
+					"name":"python-urllib3-1.26.18-2.oe2403.src as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2024-37891",
+			"notes":[
+				{
+					"text":" urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with `ProxyManager`, the `Proxy-Authorization` header is only sent to the configured proxy, as expected. However, when sending HTTP requests *without* using urllib3's proxy support, it's possible to accidentally configure the `Proxy-Authorization` header even though it won't have any effect as the request is not using a forwarding proxy or a tunneling proxy. In those cases, urllib3 doesn't treat the `Proxy-Authorization` HTTP header as one carrying authentication material and thus doesn't strip the header on cross-origin redirects. Because this is a highly unlikely scenario, we believe the severity of this vulnerability is low for almost all users. Out of an abundance of caution urllib3 will automatically strip the `Proxy-Authorization` header during cross-origin redirects to avoid the small chance that users are doing this on accident. Users should use urllib3's proxy support or disable automatic redirects to achieve safe processing of the `Proxy-Authorization` header, but we still decided to strip the header by default in order to further protect users who aren't using the correct approach. We believe the number of usages affected by this advisory is low. It requires all of the following to be true to be exploited: 1. Setting the `Proxy-Authorization` header without using urllib3's built-in proxy support. 2. Not disabling HTTP redirects. 3. Either not using an HTTPS origin server or for the proxy or target origin to redirect to a malicious origin. Users are advised to update to either version 1.26.19 or version 2.2.2. Users unable to upgrade may use the `Proxy-Authorization` header with urllib3's `ProxyManager`, disable HTTP redirects using `redirects=False` when sending requests, or not user the `Proxy-Authorization` header as mitigations.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-24.03-LTS:python3-urllib3-1.26.18-2.oe2403.noarch",
+					"openEuler-24.03-LTS:python-urllib3-1.26.18-2.oe2403.src"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-24.03-LTS:python3-urllib3-1.26.18-2.oe2403.noarch",
+						"openEuler-24.03-LTS:python-urllib3-1.26.18-2.oe2403.src"
+					],
+					"details":"python-urllib3 security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1947"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"MEDIUM",
+						"baseScore":4.4,
+						"vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-24.03-LTS:python3-urllib3-1.26.18-2.oe2403.noarch",
+						"openEuler-24.03-LTS:python-urllib3-1.26.18-2.oe2403.src"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Medium",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-37891"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1948.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1948.json
@ -0,0 +1,258 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"High"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"python-django security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for python-django is now available for openEuler-24.03-LTS.",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design.\n\nSecurity Fix(es):\n\nAn issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certain inputs with a very large number of brackets.(CVE-2024-38875)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for python-django is now available for openEuler-24.03-LTS.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"High",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"python-django",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1948",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/security-bulletins/detail?id=openEuler-SA-2024-1948"
+			},
+			{
+				"summary":"CVE-2024-38875",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-38875&packageName=python-django"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38875"
+			},
+			{
+				"summary":"openEuler-SA-2024-1948 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1948.json"
+			}
+		],
+		"title":"An update for python-django is now available for openEuler-24.03-LTS",
+		"tracking":{
+			"initial_release_date":"2024-08-02T19:42:32+08:00",
+			"revision_history":[
+				{
+					"date":"2024-08-02T19:42:32+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				},
+        {
+					"date":"2024-08-05T11:31:32+08:00",
+					"summary":"final",
+					"number":"2.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-08-05T11:31:32+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-08-05T11:31:32+08:00",
+			"id":"openEuler-SA-2024-1948",
+			"version":"2.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"openEuler-24.03-LTS",
+									"name":"openEuler-24.03-LTS"
+								},
+								"name":"openEuler-24.03-LTS",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"noarch",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python3-Django-4.2.14-1.oe2403.noarch.rpm",
+									"name":"python3-Django-4.2.14-1.oe2403.noarch.rpm"
+								},
+								"name":"python3-Django-4.2.14-1.oe2403.noarch.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python-django-help-4.2.14-1.oe2403.noarch.rpm",
+									"name":"python-django-help-4.2.14-1.oe2403.noarch.rpm"
+								},
+								"name":"python-django-help-4.2.14-1.oe2403.noarch.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python-django-4.2.14-1.oe2403.src.rpm",
+									"name":"python-django-4.2.14-1.oe2403.src.rpm"
+								},
+								"name":"python-django-4.2.14-1.oe2403.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python3-Django-4.2.14-1.oe2403.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python3-Django-4.2.14-1.oe2403.noarch",
+					"name":"python3-Django-4.2.14-1.oe2403.noarch as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python-django-help-4.2.14-1.oe2403.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python-django-help-4.2.14-1.oe2403.noarch",
+					"name":"python-django-help-4.2.14-1.oe2403.noarch as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python-django-4.2.14-1.oe2403.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python-django-4.2.14-1.oe2403.src",
+					"name":"python-django-4.2.14-1.oe2403.src as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2024-38875",
+			"notes":[
+				{
+					"text":"An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certain inputs with a very large number of brackets.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-24.03-LTS:python3-Django-4.2.14-1.oe2403.noarch",
+					"openEuler-24.03-LTS:python-django-help-4.2.14-1.oe2403.noarch",
+					"openEuler-24.03-LTS:python-django-4.2.14-1.oe2403.src"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-24.03-LTS:python3-Django-4.2.14-1.oe2403.noarch",
+						"openEuler-24.03-LTS:python-django-help-4.2.14-1.oe2403.noarch",
+						"openEuler-24.03-LTS:python-django-4.2.14-1.oe2403.src"
+					],
+					"details":"python-django security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1948"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"HIGH",
+						"baseScore":7.5,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-24.03-LTS:python3-Django-4.2.14-1.oe2403.noarch",
+						"openEuler-24.03-LTS:python-django-help-4.2.14-1.oe2403.noarch",
+						"openEuler-24.03-LTS:python-django-4.2.14-1.oe2403.src"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"High",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-38875"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1949.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1949.json
@ -0,0 +1,448 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"Critical"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"aom security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for aom is now available for openEuler-24.03-LTS.",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"The Alliance for Open Media’s focus is to deliver a next-generation video format that is:\n\nSecurity Fix(es):\n\nInteger overflow in libaom internal function img_alloc_helper can lead to heap buffer overflow. This function can be reached via 3 callers:\n\n\n  *  Calling aom_img_alloc() with a large value of the d_w, d_h, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned aom_image_t struct may be invalid.\n  *  Calling aom_img_wrap() with a large value of the d_w, d_h, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned aom_image_t struct may be invalid.\n  *  Calling aom_img_alloc_with_border() with a large value of the d_w, d_h, align, size_align, or border parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned aom_image_t struct may be invalid.(CVE-2024-5171)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for aom is now available for openEuler-24.03-LTS.\n\nopenEuler Security has rated this update as having a security impact of critical. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"Critical",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"aom",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1949",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/security-bulletins/detail?id=openEuler-SA-2024-1949"
+			},
+			{
+				"summary":"CVE-2024-5171",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-5171&packageName=aom"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-5171"
+			},
+			{
+				"summary":"openEuler-SA-2024-1949 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1949.json"
+			}
+		],
+		"title":"An update for aom is now available for openEuler-24.03-LTS",
+		"tracking":{
+			"initial_release_date":"2024-08-02T19:42:33+08:00",
+			"revision_history":[
+				{
+					"date":"2024-08-02T19:42:33+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				},
+        {
+					"date":"2024-08-05T11:31:33+08:00",
+					"summary":"final",
+					"number":"2.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-08-05T11:31:33+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-08-05T11:31:33+08:00",
+			"id":"openEuler-SA-2024-1949",
+			"version":"2.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"openEuler-24.03-LTS",
+									"name":"openEuler-24.03-LTS"
+								},
+								"name":"openEuler-24.03-LTS",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"aom-3.8.0-2.oe2403.aarch64.rpm",
+									"name":"aom-3.8.0-2.oe2403.aarch64.rpm"
+								},
+								"name":"aom-3.8.0-2.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"aom-debuginfo-3.8.0-2.oe2403.aarch64.rpm",
+									"name":"aom-debuginfo-3.8.0-2.oe2403.aarch64.rpm"
+								},
+								"name":"aom-debuginfo-3.8.0-2.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"libaom-devel-3.8.0-2.oe2403.aarch64.rpm",
+									"name":"libaom-devel-3.8.0-2.oe2403.aarch64.rpm"
+								},
+								"name":"libaom-devel-3.8.0-2.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"libaom-3.8.0-2.oe2403.aarch64.rpm",
+									"name":"libaom-3.8.0-2.oe2403.aarch64.rpm"
+								},
+								"name":"libaom-3.8.0-2.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"aom-debugsource-3.8.0-2.oe2403.aarch64.rpm",
+									"name":"aom-debugsource-3.8.0-2.oe2403.aarch64.rpm"
+								},
+								"name":"aom-debugsource-3.8.0-2.oe2403.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"aom-3.8.0-2.oe2403.src.rpm",
+									"name":"aom-3.8.0-2.oe2403.src.rpm"
+								},
+								"name":"aom-3.8.0-2.oe2403.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"libaom-devel-3.8.0-2.oe2403.x86_64.rpm",
+									"name":"libaom-devel-3.8.0-2.oe2403.x86_64.rpm"
+								},
+								"name":"libaom-devel-3.8.0-2.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"aom-debugsource-3.8.0-2.oe2403.x86_64.rpm",
+									"name":"aom-debugsource-3.8.0-2.oe2403.x86_64.rpm"
+								},
+								"name":"aom-debugsource-3.8.0-2.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"libaom-3.8.0-2.oe2403.x86_64.rpm",
+									"name":"libaom-3.8.0-2.oe2403.x86_64.rpm"
+								},
+								"name":"libaom-3.8.0-2.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"aom-debuginfo-3.8.0-2.oe2403.x86_64.rpm",
+									"name":"aom-debuginfo-3.8.0-2.oe2403.x86_64.rpm"
+								},
+								"name":"aom-debuginfo-3.8.0-2.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"aom-3.8.0-2.oe2403.x86_64.rpm",
+									"name":"aom-3.8.0-2.oe2403.x86_64.rpm"
+								},
+								"name":"aom-3.8.0-2.oe2403.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"aom-3.8.0-2.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:aom-3.8.0-2.oe2403.aarch64",
+					"name":"aom-3.8.0-2.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"aom-debuginfo-3.8.0-2.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:aom-debuginfo-3.8.0-2.oe2403.aarch64",
+					"name":"aom-debuginfo-3.8.0-2.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"libaom-devel-3.8.0-2.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:libaom-devel-3.8.0-2.oe2403.aarch64",
+					"name":"libaom-devel-3.8.0-2.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"libaom-3.8.0-2.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:libaom-3.8.0-2.oe2403.aarch64",
+					"name":"libaom-3.8.0-2.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"aom-debugsource-3.8.0-2.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:aom-debugsource-3.8.0-2.oe2403.aarch64",
+					"name":"aom-debugsource-3.8.0-2.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"aom-3.8.0-2.oe2403.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:aom-3.8.0-2.oe2403.src",
+					"name":"aom-3.8.0-2.oe2403.src as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"libaom-devel-3.8.0-2.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:libaom-devel-3.8.0-2.oe2403.x86_64",
+					"name":"libaom-devel-3.8.0-2.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"aom-debugsource-3.8.0-2.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:aom-debugsource-3.8.0-2.oe2403.x86_64",
+					"name":"aom-debugsource-3.8.0-2.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"libaom-3.8.0-2.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:libaom-3.8.0-2.oe2403.x86_64",
+					"name":"libaom-3.8.0-2.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"aom-debuginfo-3.8.0-2.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:aom-debuginfo-3.8.0-2.oe2403.x86_64",
+					"name":"aom-debuginfo-3.8.0-2.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"aom-3.8.0-2.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:aom-3.8.0-2.oe2403.x86_64",
+					"name":"aom-3.8.0-2.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2024-5171",
+			"notes":[
+				{
+					"text":"Integer overflow in libaom internal function img_alloc_helper can lead to heap buffer overflow. This function can be reached via 3 callers:\n\n\n  *  Calling aom_img_alloc() with a large value of the d_w, d_h, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned aom_image_t struct may be invalid.\n  *  Calling aom_img_wrap() with a large value of the d_w, d_h, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned aom_image_t struct may be invalid.\n  *  Calling aom_img_alloc_with_border() with a large value of the d_w, d_h, align, size_align, or border parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned aom_image_t struct may be invalid.",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-24.03-LTS:aom-3.8.0-2.oe2403.aarch64",
+					"openEuler-24.03-LTS:aom-debuginfo-3.8.0-2.oe2403.aarch64",
+					"openEuler-24.03-LTS:libaom-devel-3.8.0-2.oe2403.aarch64",
+					"openEuler-24.03-LTS:libaom-3.8.0-2.oe2403.aarch64",
+					"openEuler-24.03-LTS:aom-debugsource-3.8.0-2.oe2403.aarch64",
+					"openEuler-24.03-LTS:aom-3.8.0-2.oe2403.src",
+					"openEuler-24.03-LTS:libaom-devel-3.8.0-2.oe2403.x86_64",
+					"openEuler-24.03-LTS:aom-debugsource-3.8.0-2.oe2403.x86_64",
+					"openEuler-24.03-LTS:libaom-3.8.0-2.oe2403.x86_64",
+					"openEuler-24.03-LTS:aom-debuginfo-3.8.0-2.oe2403.x86_64",
+					"openEuler-24.03-LTS:aom-3.8.0-2.oe2403.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-24.03-LTS:aom-3.8.0-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:aom-debuginfo-3.8.0-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:libaom-devel-3.8.0-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:libaom-3.8.0-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:aom-debugsource-3.8.0-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:aom-3.8.0-2.oe2403.src",
+						"openEuler-24.03-LTS:libaom-devel-3.8.0-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:aom-debugsource-3.8.0-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:libaom-3.8.0-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:aom-debuginfo-3.8.0-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:aom-3.8.0-2.oe2403.x86_64"
+					],
+					"details":"aom security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1949"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"CRITICAL",
+						"baseScore":9.8,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-24.03-LTS:aom-3.8.0-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:aom-debuginfo-3.8.0-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:libaom-devel-3.8.0-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:libaom-3.8.0-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:aom-debugsource-3.8.0-2.oe2403.aarch64",
+						"openEuler-24.03-LTS:aom-3.8.0-2.oe2403.src",
+						"openEuler-24.03-LTS:libaom-devel-3.8.0-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:aom-debugsource-3.8.0-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:libaom-3.8.0-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:aom-debuginfo-3.8.0-2.oe2403.x86_64",
+						"openEuler-24.03-LTS:aom-3.8.0-2.oe2403.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Critical",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-5171"
+		}
+	]
+}
--- a/csaf/advisories/2024/csaf-openEuler-SA-2024-1950.json
+++ b/csaf/advisories/2024/csaf-openEuler-SA-2024-1950.json
@ -0,0 +1,477 @@
+{
+	"document":{
+		"aggregate_severity":{
+			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
+			"text":"Critical"
+		},
+		"category":"csaf_vex",
+		"csaf_version":"2.0",
+		"distribution":{
+			"tlp":{
+				"label":"WHITE",
+				"url":"https:/www.first.org/tlp/"
+			}
+		},
+		"lang":"en",
+		"notes":[
+			{
+				"text":"libxml2 security update",
+				"category":"general",
+				"title":"Synopsis"
+			},
+			{
+				"text":"An update for libxml2 is now available for openEuler-24.03-LTS.",
+				"category":"general",
+				"title":"Summary"
+			},
+			{
+				"text":"This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM like representations. In this case one can use the built-in XPath and XPointer implementation to select sub nodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to an URI library.\n\nSecurity Fix(es):\n\n(CVE-2024-40896)",
+				"category":"general",
+				"title":"Description"
+			},
+			{
+				"text":"An update for libxml2 is now available for openEuler-24.03-LTS.\n\nopenEuler Security has rated this update as having a security impact of critical. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
+				"category":"general",
+				"title":"Topic"
+			},
+			{
+				"text":"Critical",
+				"category":"general",
+				"title":"Severity"
+			},
+			{
+				"text":"libxml2",
+				"category":"general",
+				"title":"Affected Component"
+			}
+		],
+		"publisher":{
+			"issuing_authority":"openEuler security committee",
+			"name":"openEuler",
+			"namespace":"https://www.openeuler.org",
+			"contact_details":"openeuler-security@openeuler.org",
+			"category":"vendor"
+		},
+		"references":[
+			{
+				"summary":"openEuler-SA-2024-1950",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/security-bulletins/detail?id=openEuler-SA-2024-1950"
+			},
+			{
+				"summary":"CVE-2024-40896",
+				"category":"self",
+				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-40896&packageName=libxml2"
+			},
+			{
+				"summary":"nvd cve",
+				"category":"external",
+				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-40896"
+			},
+			{
+				"summary":"openEuler-SA-2024-1950 vex file",
+				"category":"self",
+				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1950.json"
+			}
+		],
+		"title":"An update for libxml2 is now available for openEuler-24.03-LTS",
+		"tracking":{
+			"initial_release_date":"2024-08-02T19:42:34+08:00",
+			"revision_history":[
+				{
+					"date":"2024-08-02T19:42:34+08:00",
+					"summary":"Initial",
+					"number":"1.0.0"
+				},
+        {
+					"date":"2024-08-05T10:55:00+08:00",
+					"summary":"final",
+					"number":"2.0.0"
+				}
+			],
+			"generator":{
+				"date":"2024-08-05T10:55:00+08:00",
+				"engine":{
+					"name":"openEuler CSAF Tool V1.0"
+				}
+			},
+			"current_release_date":"2024-08-05T10:55:00+08:00",
+			"id":"openEuler-SA-2024-1950",
+			"version":"2.0.0",
+			"status":"final"
+		}
+	},
+	"product_tree":{
+		"branches":[
+			{
+				"name":"openEuler",
+				"category":"vendor",
+				"branches":[
+					{
+						"name":"openEuler",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"openEuler-24.03-LTS",
+									"name":"openEuler-24.03-LTS"
+								},
+								"name":"openEuler-24.03-LTS",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"aarch64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"libxml2-devel-2.11.5-4.oe2403.aarch64.rpm",
+									"name":"libxml2-devel-2.11.5-4.oe2403.aarch64.rpm"
+								},
+								"name":"libxml2-devel-2.11.5-4.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python3-libxml2-2.11.5-4.oe2403.aarch64.rpm",
+									"name":"python3-libxml2-2.11.5-4.oe2403.aarch64.rpm"
+								},
+								"name":"python3-libxml2-2.11.5-4.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"libxml2-2.11.5-4.oe2403.aarch64.rpm",
+									"name":"libxml2-2.11.5-4.oe2403.aarch64.rpm"
+								},
+								"name":"libxml2-2.11.5-4.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"libxml2-debuginfo-2.11.5-4.oe2403.aarch64.rpm",
+									"name":"libxml2-debuginfo-2.11.5-4.oe2403.aarch64.rpm"
+								},
+								"name":"libxml2-debuginfo-2.11.5-4.oe2403.aarch64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"libxml2-debugsource-2.11.5-4.oe2403.aarch64.rpm",
+									"name":"libxml2-debugsource-2.11.5-4.oe2403.aarch64.rpm"
+								},
+								"name":"libxml2-debugsource-2.11.5-4.oe2403.aarch64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"noarch",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"libxml2-help-2.11.5-4.oe2403.noarch.rpm",
+									"name":"libxml2-help-2.11.5-4.oe2403.noarch.rpm"
+								},
+								"name":"libxml2-help-2.11.5-4.oe2403.noarch.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"src",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"libxml2-2.11.5-4.oe2403.src.rpm",
+									"name":"libxml2-2.11.5-4.oe2403.src.rpm"
+								},
+								"name":"libxml2-2.11.5-4.oe2403.src.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					},
+					{
+						"name":"x86_64",
+						"branches":[
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"libxml2-debugsource-2.11.5-4.oe2403.x86_64.rpm",
+									"name":"libxml2-debugsource-2.11.5-4.oe2403.x86_64.rpm"
+								},
+								"name":"libxml2-debugsource-2.11.5-4.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"libxml2-2.11.5-4.oe2403.x86_64.rpm",
+									"name":"libxml2-2.11.5-4.oe2403.x86_64.rpm"
+								},
+								"name":"libxml2-2.11.5-4.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"libxml2-devel-2.11.5-4.oe2403.x86_64.rpm",
+									"name":"libxml2-devel-2.11.5-4.oe2403.x86_64.rpm"
+								},
+								"name":"libxml2-devel-2.11.5-4.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"libxml2-debuginfo-2.11.5-4.oe2403.x86_64.rpm",
+									"name":"libxml2-debuginfo-2.11.5-4.oe2403.x86_64.rpm"
+								},
+								"name":"libxml2-debuginfo-2.11.5-4.oe2403.x86_64.rpm",
+								"category":"product_version"
+							},
+							{
+								"product":{
+									"product_identification_helper":{
+										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
+									},
+									"product_id":"python3-libxml2-2.11.5-4.oe2403.x86_64.rpm",
+									"name":"python3-libxml2-2.11.5-4.oe2403.x86_64.rpm"
+								},
+								"name":"python3-libxml2-2.11.5-4.oe2403.x86_64.rpm",
+								"category":"product_version"
+							}
+						],
+						"category":"product_name"
+					}
+				]
+			}
+		],
+		"relationships":[
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"libxml2-devel-2.11.5-4.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:libxml2-devel-2.11.5-4.oe2403.aarch64",
+					"name":"libxml2-devel-2.11.5-4.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python3-libxml2-2.11.5-4.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python3-libxml2-2.11.5-4.oe2403.aarch64",
+					"name":"python3-libxml2-2.11.5-4.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"libxml2-2.11.5-4.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:libxml2-2.11.5-4.oe2403.aarch64",
+					"name":"libxml2-2.11.5-4.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"libxml2-debuginfo-2.11.5-4.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:libxml2-debuginfo-2.11.5-4.oe2403.aarch64",
+					"name":"libxml2-debuginfo-2.11.5-4.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"libxml2-debugsource-2.11.5-4.oe2403.aarch64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:libxml2-debugsource-2.11.5-4.oe2403.aarch64",
+					"name":"libxml2-debugsource-2.11.5-4.oe2403.aarch64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"libxml2-help-2.11.5-4.oe2403.noarch.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:libxml2-help-2.11.5-4.oe2403.noarch",
+					"name":"libxml2-help-2.11.5-4.oe2403.noarch as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"libxml2-2.11.5-4.oe2403.src.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:libxml2-2.11.5-4.oe2403.src",
+					"name":"libxml2-2.11.5-4.oe2403.src as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"libxml2-debugsource-2.11.5-4.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:libxml2-debugsource-2.11.5-4.oe2403.x86_64",
+					"name":"libxml2-debugsource-2.11.5-4.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"libxml2-2.11.5-4.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:libxml2-2.11.5-4.oe2403.x86_64",
+					"name":"libxml2-2.11.5-4.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"libxml2-devel-2.11.5-4.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:libxml2-devel-2.11.5-4.oe2403.x86_64",
+					"name":"libxml2-devel-2.11.5-4.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"libxml2-debuginfo-2.11.5-4.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:libxml2-debuginfo-2.11.5-4.oe2403.x86_64",
+					"name":"libxml2-debuginfo-2.11.5-4.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			},
+			{
+				"relates_to_product_reference":"openEuler-24.03-LTS",
+				"product_reference":"python3-libxml2-2.11.5-4.oe2403.x86_64.rpm",
+				"full_product_name":{
+					"product_id":"openEuler-24.03-LTS:python3-libxml2-2.11.5-4.oe2403.x86_64",
+					"name":"python3-libxml2-2.11.5-4.oe2403.x86_64 as a component of openEuler-24.03-LTS"
+				},
+				"category":"default_component_of"
+			}
+		]
+	},
+	"vulnerabilities":[
+		{
+			"cve":"CVE-2024-40896",
+			"notes":[
+				{
+					"text":"null",
+					"category":"description",
+					"title":"Vulnerability Description"
+				}
+			],
+			"product_status":{
+				"fixed":[
+					"openEuler-24.03-LTS:libxml2-devel-2.11.5-4.oe2403.aarch64",
+					"openEuler-24.03-LTS:python3-libxml2-2.11.5-4.oe2403.aarch64",
+					"openEuler-24.03-LTS:libxml2-2.11.5-4.oe2403.aarch64",
+					"openEuler-24.03-LTS:libxml2-debuginfo-2.11.5-4.oe2403.aarch64",
+					"openEuler-24.03-LTS:libxml2-debugsource-2.11.5-4.oe2403.aarch64",
+					"openEuler-24.03-LTS:libxml2-help-2.11.5-4.oe2403.noarch",
+					"openEuler-24.03-LTS:libxml2-2.11.5-4.oe2403.src",
+					"openEuler-24.03-LTS:libxml2-debugsource-2.11.5-4.oe2403.x86_64",
+					"openEuler-24.03-LTS:libxml2-2.11.5-4.oe2403.x86_64",
+					"openEuler-24.03-LTS:libxml2-devel-2.11.5-4.oe2403.x86_64",
+					"openEuler-24.03-LTS:libxml2-debuginfo-2.11.5-4.oe2403.x86_64",
+					"openEuler-24.03-LTS:python3-libxml2-2.11.5-4.oe2403.x86_64"
+				]
+			},
+			"remediations":[
+				{
+					"product_ids":[
+						"openEuler-24.03-LTS:libxml2-devel-2.11.5-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-libxml2-2.11.5-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:libxml2-2.11.5-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:libxml2-debuginfo-2.11.5-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:libxml2-debugsource-2.11.5-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:libxml2-help-2.11.5-4.oe2403.noarch",
+						"openEuler-24.03-LTS:libxml2-2.11.5-4.oe2403.src",
+						"openEuler-24.03-LTS:libxml2-debugsource-2.11.5-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:libxml2-2.11.5-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:libxml2-devel-2.11.5-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:libxml2-debuginfo-2.11.5-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-libxml2-2.11.5-4.oe2403.x86_64"
+					],
+					"details":"libxml2 security update",
+					"category":"vendor_fix",
+					"url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1950"
+				}
+			],
+			"scores":[
+				{
+					"cvss_v3":{
+						"baseSeverity":"CRITICAL",
+						"baseScore":9.1,
+						"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
+						"version":"3.1"
+					},
+					"products":[
+						"openEuler-24.03-LTS:libxml2-devel-2.11.5-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:python3-libxml2-2.11.5-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:libxml2-2.11.5-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:libxml2-debuginfo-2.11.5-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:libxml2-debugsource-2.11.5-4.oe2403.aarch64",
+						"openEuler-24.03-LTS:libxml2-help-2.11.5-4.oe2403.noarch",
+						"openEuler-24.03-LTS:libxml2-2.11.5-4.oe2403.src",
+						"openEuler-24.03-LTS:libxml2-debugsource-2.11.5-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:libxml2-2.11.5-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:libxml2-devel-2.11.5-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:libxml2-debuginfo-2.11.5-4.oe2403.x86_64",
+						"openEuler-24.03-LTS:python3-libxml2-2.11.5-4.oe2403.x86_64"
+					]
+				}
+			],
+			"threats":[
+				{
+					"details":"Critical",
+					"category":"impact"
+				}
+			],
+			"title":"CVE-2024-40896"
+		}
+	]
+}
--- a/csaf/advisories/index.txt
+++ b/csaf/advisories/index.txt
@ -28,7 +28,7 @@
 2024/csaf-openEuler-SA-2024-1843.json
 2024/csaf-openEuler-SA-2024-1844.json
 2024/csaf-openEuler-SA-2024-1845.json
-46.json
+2024/csaf-openEuler-SA-2024-1846.json
 2024/csaf-openEuler-SA-2024-1847.json
 2024/csaf-openEuler-SA-2024-1848.json
 2024/csaf-openEuler-SA-2024-1849.json
@ -63,3 +63,73 @@
 2024/csaf-openEuler-SA-2024-1878.json
 2024/csaf-openEuler-SA-2024-1879.json
 2024/csaf-openEuler-SA-2024-1880.json
+2024/csaf-openEuler-SA-2024-1881.json
+2024/csaf-openEuler-SA-2024-1882.json
+2024/csaf-openEuler-SA-2024-1883.json
+2024/csaf-openEuler-SA-2024-1884.json
+2024/csaf-openEuler-SA-2024-1885.json
+2024/csaf-openEuler-SA-2024-1886.json
+2024/csaf-openEuler-SA-2024-1887.json
+2024/csaf-openEuler-SA-2024-1888.json
+2024/csaf-openEuler-SA-2024-1889.json
+2024/csaf-openEuler-SA-2024-1890.json
+2024/csaf-openEuler-SA-2024-1891.json
+2024/csaf-openEuler-SA-2024-1892.json
+2024/csaf-openEuler-SA-2024-1893.json
+2024/csaf-openEuler-SA-2024-1894.json
+2024/csaf-openEuler-SA-2024-1895.json
+2024/csaf-openEuler-SA-2024-1896.json
+2024/csaf-openEuler-SA-2024-1897.json
+2024/csaf-openEuler-SA-2024-1898.json
+2024/csaf-openEuler-SA-2024-1899.json
+2024/csaf-openEuler-SA-2024-1900.json
+2024/csaf-openEuler-SA-2024-1901.json
+2024/csaf-openEuler-SA-2024-1902.json
+2024/csaf-openEuler-SA-2024-1903.json
+2024/csaf-openEuler-SA-2024-1904.json
+2024/csaf-openEuler-SA-2024-1905.json
+2024/csaf-openEuler-SA-2024-1906.json
+2024/csaf-openEuler-SA-2024-1907.json
+2024/csaf-openEuler-SA-2024-1908.json
+2024/csaf-openEuler-SA-2024-1909.json
+2024/csaf-openEuler-SA-2024-1910.json
+2024/csaf-openEuler-SA-2024-1911.json
+2024/csaf-openEuler-SA-2024-1912.json
+2024/csaf-openEuler-SA-2024-1913.json
+2024/csaf-openEuler-SA-2024-1914.json
+2024/csaf-openEuler-SA-2024-1915.json
+2024/csaf-openEuler-SA-2024-1916.json
+2024/csaf-openEuler-SA-2024-1917.json
+2024/csaf-openEuler-SA-2024-1918.json
+2024/csaf-openEuler-SA-2024-1919.json
+2024/csaf-openEuler-SA-2024-1920.json
+2024/csaf-openEuler-SA-2024-1921.json
+2024/csaf-openEuler-SA-2024-1922.json
+2024/csaf-openEuler-SA-2024-1923.json
+2024/csaf-openEuler-SA-2024-1924.json
+2024/csaf-openEuler-SA-2024-1925.json
+2024/csaf-openEuler-SA-2024-1926.json
+2024/csaf-openEuler-SA-2024-1927.json
+2024/csaf-openEuler-SA-2024-1928.json
+2024/csaf-openEuler-SA-2024-1929.json
+2024/csaf-openEuler-SA-2024-1930.json
+2024/csaf-openEuler-SA-2024-1931.json
+2024/csaf-openEuler-SA-2024-1932.json
+2024/csaf-openEuler-SA-2024-1933.json
+2024/csaf-openEuler-SA-2024-1934.json
+2024/csaf-openEuler-SA-2024-1935.json
+2024/csaf-openEuler-SA-2024-1936.json
+2024/csaf-openEuler-SA-2024-1937.json
+2024/csaf-openEuler-SA-2024-1938.json
+2024/csaf-openEuler-SA-2024-1939.json
+2024/csaf-openEuler-SA-2024-1940.json
+2024/csaf-openEuler-SA-2024-1941.json
+2024/csaf-openEuler-SA-2024-1942.json
+2024/csaf-openEuler-SA-2024-1943.json
+2024/csaf-openEuler-SA-2024-1944.json
+2024/csaf-openEuler-SA-2024-1945.json
+2024/csaf-openEuler-SA-2024-1946.json
+2024/csaf-openEuler-SA-2024-1947.json
+2024/csaf-openEuler-SA-2024-1948.json
+2024/csaf-openEuler-SA-2024-1949.json
+2024/csaf-openEuler-SA-2024-1950.json
--- a/csaf/download.sh
+++ b/csaf/download.sh
@ -0,0 +1,14 @@
+#!/usr/bin/env bash
+# Filename: download.sh
+# author: 'Jia Chao'
+
+cd ./advisories
+touch index.txt
+wget http://mirrors.ustc.edu.cn/openeuler/security/data/csaf/advisories/index.txt -O new.txt 2> /dev/null
+
+diff new.txt index.txt | rg '<' | awk '{print $2}' | while read line
+do
+  wget -c http://mirrors.ustc.edu.cn/openeuler/security/data/csaf/advisories/$line -O $line
+done
+
+mv new.txt index.txt
--- a/cusa/a/aom/config.json
+++ b/cusa/a/aom/config.json
@ -0,0 +1,5 @@
+{
+  "upstream": "22.03-LTS",
+  "autobuild": true,
+  "fixed_version": ""
+}
--- a/cusa/a/assimp/config.json
+++ b/cusa/a/assimp/config.json
@ -0,0 +1,5 @@
+{
+  "upstream": "22.03-LTS",
+  "autobuild": true,
+  "fixed_version": ""
+}
--- a/cusa/a/avro/config.json
+++ b/cusa/a/avro/config.json
@ -0,0 +1,5 @@
+{
+  "upstream": "22.03-LTS",
+  "autobuild": true,
+  "fixed_version": ""
+}
--- a/cusa/b/botan2/config.json
+++ b/cusa/b/botan2/config.json
@ -0,0 +1,5 @@
+{
+  "upstream": "22.03-LTS",
+  "autobuild": true,
+  "fixed_version": ""
+}
--- a/cusa/b/busybox/config.json
+++ b/cusa/b/busybox/config.json
@ -0,0 +1,5 @@
+{
+  "upstream": "22.03-LTS",
+  "autobuild": true,
+  "fixed_version": ""
+}
--- a/cusa/d/dnsjava/config.json
+++ b/cusa/d/dnsjava/config.json
@ -0,0 +1,5 @@
+{
+  "upstream": "22.03-LTS",
+  "autobuild": true,
+  "fixed_version": ""
+}
--- a/cusa/d/dnsmasq/config.json
+++ b/cusa/d/dnsmasq/config.json
@ -0,0 +1,5 @@
+{
+  "upstream": "22.03-LTS",
+  "autobuild": true,
+  "fixed_version": ""
+}
--- a/cusa/e/edk2/config.json
+++ b/cusa/e/edk2/config.json
@ -0,0 +1,5 @@
+{
+  "upstream": "22.03-LTS",
+  "autobuild": true,
+  "fixed_version": ""
+}
--- a/cusa/e/exim/config.json
+++ b/cusa/e/exim/config.json
@ -0,0 +1,5 @@
+{
+  "upstream": "22.03-LTS",
+  "autobuild": true,
+  "fixed_version": ""
+}
--- a/cusa/g/gtk2/config.json
+++ b/cusa/g/gtk2/config.json
@ -0,0 +1,5 @@
+{
+  "upstream": "22.03-LTS",
+  "autobuild": true,
+  "fixed_version": ""
+}
--- a/cusa/g/gtk3/config.json
+++ b/cusa/g/gtk3/config.json
@ -0,0 +1,5 @@
+{
+  "upstream": "22.03-LTS",
+  "autobuild": true,
+  "fixed_version": ""
+}
--- a/cusa/j/openjdk-11/config.json
+++ b/cusa/j/openjdk-11/config.json
@ -0,0 +1,5 @@
+{
+  "upstream": "22.03-LTS",
+  "autobuild": true,
+  "fixed_version": ""
+}
--- a/cusa/l/libxml2/config.json
+++ b/cusa/l/libxml2/config.json
@ -0,0 +1,5 @@
+{
+  "upstream": "22.03-LTS",
+  "autobuild": true,
+  "fixed_version": ""
+}
--- a/cusa/m/mpv/config.json
+++ b/cusa/m/mpv/config.json
@ -0,0 +1,5 @@
+{
+  "upstream": "22.03-LTS",
+  "autobuild": true,
+  "fixed_version": ""
+}
--- a/cusa/m/mysql/config.json
+++ b/cusa/m/mysql/config.json
@ -0,0 +1,5 @@
+{
+  "upstream": "22.03-LTS",
+  "autobuild": true,
+  "fixed_version": ""
+}
--- a/cusa/p/plasma-workspace/config.json
+++ b/cusa/p/plasma-workspace/config.json
@ -0,0 +1,5 @@
+{
+  "upstream": "22.03-LTS",
+  "autobuild": true,
+  "fixed_version": ""
+}
--- a/cusa/p/python-django/config.json
+++ b/cusa/p/python-django/config.json
@ -0,0 +1,5 @@
+{
+  "upstream": "22.03-LTS",
+  "autobuild": true,
+  "fixed_version": ""
+}
--- a/cusa/p/python-setuptools/config.json
+++ b/cusa/p/python-setuptools/config.json
@ -0,0 +1,5 @@
+{
+  "upstream": "22.03-LTS",
+  "autobuild": true,
+  "fixed_version": ""
+}
--- a/cusa/p/python-urllib3/config.json
+++ b/cusa/p/python-urllib3/config.json
@ -0,0 +1,5 @@
+{
+  "upstream": "22.03-LTS",
+  "autobuild": true,
+  "fixed_version": ""
+}
--- a/cusa/p/python-zipp/config.json
+++ b/cusa/p/python-zipp/config.json
@ -0,0 +1,5 @@
+{
+  "upstream": "22.03-LTS",
+  "autobuild": true,
+  "fixed_version": ""
+}
--- a/cusa/p/python3/config.json
+++ b/cusa/p/python3/config.json
@ -0,0 +1,5 @@
+{
+  "upstream": "22.03-LTS",
+  "autobuild": true,
+  "fixed_version": ""
+}