From d1d605b41899856b65c349bc97617a748096ab05 Mon Sep 17 00:00:00 2001
From: sampion88
Date: Fri, 10 Jan 2025 10:52:16 +0100
Subject: [PATCH 1/4] new vulnerability in io.insert-koin:koin-core
---
 input/new.json | 34 ++++++++++++++++++++++------------
 1 file changed, 22 insertions(+), 12 deletions(-)
diff --git a/input/new.json b/input/new.json
index 87646b9..18041e8 100644
--- a/input/new.json
+++ b/input/new.json
@@ -1,15 +1,25 @@
 {
- "package_name": "",
- "patch_versions": [],
- "vulnerable_ranges": [],
- "cwe": [],
- "tldr": "",
- "doest_this_affect_me": "",
- "how_to_fix": "",
- "vulnerable_to": "",
+ "package_name": "io.insert-koin:koin-core",
+ "patch_versions": [
+ "4.0.2-RC2"
+ ],
+ "vulnerable_ranges": [
+ [
+ "3.1.0",
+ "4.0.1"
+ ]
+ ],
+ "cwe": [
+ "CWE-362"
+ ],
+ "tldr": "Affected versions of this package are vulnerable to a race condition, in rare cases this causes application crashes, which might be exploited by malicious actors.",
+ "doest_this_affect_me": "You are affected if you are using a version that falls within the vulnerable range.",
+ "how_to_fix": "Upgrade the `io.insert-koin:koin-core` library to the patch version.",
+ "reporter": "",
+ "vulnerable_to": "Race Condition",
 "related_cve_id": "",
- "language": "",
- "severity_class": "",
- "aikido_score": 0,
- "changelog": ""
+ "language": "JAVA",
+ "severity_class": "LOW",
+ "aikido_score": 10,
+ "changelog": "https://github.com/InsertKoinIO/koin/releases/tag/4.0.2-RC2"
 }
From f3a70954971002191f65b50566e9fb6dabeb3ee5 Mon Sep 17 00:00:00 2001
From: sampion88 <36301168+sampion88@users.noreply.github.com>
Date: Thu, 23 Jan 2025 14:33:56 +0100
Subject: [PATCH 2/4] Update new.json
---
 input/new.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/input/new.json b/input/new.json
index 18041e8..5523099 100644
--- a/input/new.json
+++ b/input/new.json
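Review bot: The `tldr` added in this hunk says the crash "might be exploited by malicious actors" but never states what is racing or what would be needed to trigger it, so a reader cannot judge exposure beyond the version check in `doest_this_affect_me`. The only impact the entry actually states is an application crash, so the sentence could say that plainly, for example `"tldr": "Affected versions of this package are vulnerable to a race condition that in rare cases crashes the application; the stated impact is loss of availability."`, with the affected component named if the upstream fix identifies one. The `changelog` value links a whole release page rather than the fixing change, which makes the claim hard to confirm from the record alone. The same text is carried unchanged into `vulnerabilities/AIKIDO-2025-10040.json` in PATCH 4/4.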
@@ -1,7 +1,7 @@
 {
 "package_name": "io.insert-koin:koin-core",
 "patch_versions": [
- "4.0.2-RC2"
+ "4.0.2"
 ],
 "vulnerable_ranges": [
 [
From bebefc79ad8079c8f3318b4e4460eff9f1f8e51c Mon Sep 17 00:00:00 2001
From: sampion88 <36301168+sampion88@users.noreply.github.com>
Date: Thu, 23 Jan 2025 14:36:19 +0100
Subject: [PATCH 3/4] Update new.json
---
 input/new.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/input/new.json b/input/new.json
index 5523099..518609a 100644
--- a/input/new.json
+++ b/input/new.json
@@ -21,5 +21,5 @@
 "language": "JAVA",
 "severity_class": "LOW",
 "aikido_score": 10,
- "changelog": "https://github.com/InsertKoinIO/koin/releases/tag/4.0.2-RC2"
+ "changelog": "https://github.com/InsertKoinIO/koin/releases/tag/4.0.2"
 }
From 79c334553f10bcae21c929a52d1ebb2ad3e60264 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
Date: Fri, 24 Jan 2025 16:48:28 +0000
Subject: [PATCH 4/4] Move new vulnerability to vulnerabilities/AIKIDO-2025-10040.json and reset new.json template
---
 input/new.json | 34 +++++++++-----------------
 vulnerabilities/AIKIDO-2025-10040.json | 27 ++++++++++++++++++++
 2 files changed, 39 insertions(+), 22 deletions(-)
 create mode 100644 vulnerabilities/AIKIDO-2025-10040.json
diff --git a/input/new.json b/input/new.json
index 518609a..87646b9 100644
--- a/input/new.json
+++ b/input/new.json
@@ -1,25 +1,15 @@
 {
- "package_name": "io.insert-koin:koin-core",
- "patch_versions": [
- "4.0.2"
- ],
- "vulnerable_ranges": [
- [
- "3.1.0",
- "4.0.1"
- ]
- ],
- "cwe": [
- "CWE-362"
- ],
- "tldr": "Affected versions of this package are vulnerable to a race condition, in rare cases this causes application crashes, which might be exploited by malicious actors.",
- "doest_this_affect_me": "You are affected if you are using a version that falls within the vulnerable range.",
- "how_to_fix": "Upgrade the `io.insert-koin:koin-core` library to the patch version.",
- "reporter": "",
- "vulnerable_to": "Race Condition",
+ "package_name": "",
+ "patch_versions": [],
+ "vulnerable_ranges": [],
+ "cwe": [],
+ "tldr": "",
+ "doest_this_affect_me": "",
+ "how_to_fix": "",
+ "vulnerable_to": "",
 "related_cve_id": "",
- "language": "JAVA",
- "severity_class": "LOW",
- "aikido_score": 10,
- "changelog": "https://github.com/InsertKoinIO/koin/releases/tag/4.0.2"
+ "language": "",
+ "severity_class": "",
+ "aikido_score": 0,
+ "changelog": ""
 }
diff --git a/vulnerabilities/AIKIDO-2025-10040.json b/vulnerabilities/AIKIDO-2025-10040.json
new file mode 100644
index 0000000..ccc5965
--- /dev/null
+++ b/vulnerabilities/AIKIDO-2025-10040.json
@@ -0,0 +1,27 @@
+{
+ "package_name": "io.insert-koin:koin-core",
+ "patch_versions": [
+ "4.0.2"
+ ],
+ "vulnerable_ranges": [
+ [
+ "3.1.0",
+ "4.0.1"
+ ]
+ ],
+ "cwe": [
+ "CWE-362"
+ ],
+ "tldr": "Affected versions of this package are vulnerable to a race condition, in rare cases this causes application crashes, which might be exploited by malicious actors.",
+ "doest_this_affect_me": "You are affected if you are using a version that falls within the vulnerable range.",
+ "how_to_fix": "Upgrade the `io.insert-koin:koin-core` library to the patch version.",
+ "reporter": "",
+ "vulnerable_to": "Race Condition",
+ "related_cve_id": "",
+ "language": "JAVA",
+ "severity_class": "LOW",
+ "aikido_score": 10,
+ "changelog": "https://github.com/InsertKoinIO/koin/releases/tag/4.0.2",
+ "last_modified": "2025-01-24",
+ "published": "2025-01-24"
+}