From d7467a2e67f0b6e9e2601d73e7a879c516641be9 Mon Sep 17 00:00:00 2001
From: kapyteinaikido <166383531+kapyteinaikido@users.noreply.github.com>
Date: Tue, 11 Mar 2025 12:51:15 +0100
Subject: [PATCH 1/4] Update new.json

---
 input/new.json | 29 +++++++++++++++++------------
 1 file changed, 17 insertions(+), 12 deletions(-)

diff --git a/input/new.json b/input/new.json
index 87646b9a..e0a942ca 100644
--- a/input/new.json
+++ b/input/new.json
@@ -1,15 +1,20 @@
  {
- "package_name": "",
- "patch_versions": [],
- "vulnerable_ranges": [],
- "cwe": [],
- "tldr": "",
- "doest_this_affect_me": "",
- "how_to_fix": "",
- "vulnerable_to": "",
+ "package_name": "esbuild",
+ "patch_versions": ["0.25.0"],
+ "vulnerable_ranges": [
+ [
+ "0.0.0",
+ "0.24.2"
+ ]
+ ],
+ "cwe": ["CWE-346"],
+ "tldr": "esbuild does not validate the origin of requests, allowing any website to make requests to the development server, when esbuild is actively running on a developer's machine. This could expose the front-end source code generated by esbuild.",
+ "doest_this_affect_me": "You are affected if you are using a version that falls within the vulnerable range.",
+ "how_to_fix": "Upgrade esbuild to the patch version (0.25.0).",
+ "vulnerable_to": "Origin Validation Error",
  "related_cve_id": "",
- "language": "",
- "severity_class": "",
- "aikido_score": 0,
- "changelog": ""
+ "language": "JS",
+ "severity_class": "LOW",
+ "aikido_score": 20,
+ "changelog": "https://github.com/evanw/esbuild/blob/bcc77fbee56ec7c050813c972d8bb1e06a8e57ef/CHANGELOG.md?plain=1#L72"
  }

From 6f983f9bca18022f2bbde763b90001262589cd89 Mon Sep 17 00:00:00 2001
From: kapyteinaikido <166383531+kapyteinaikido@users.noreply.github.com>
Date: Tue, 11 Mar 2025 12:52:29 +0100
Subject: [PATCH 2/4] Update new.json

---
 input/new.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/input/new.json b/input/new.json
index e0a942ca..dcecbb9e 100644
--- a/input/new.json
+++ b/input/new.json
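Review bot: The `doest_this_affect_me` text added in this hunk is generic and drops the condition the `tldr` itself states — the exposure is only reachable while esbuild's development server is running, so a project that uses esbuild purely as a build step is presumably not exposed at runtime, and a reader triaging this advisory needs that distinction. Suggest `"doest_this_affect_me": "You are affected if you use a version in the vulnerable range and run esbuild's development server (serve mode) while it is reachable from a browser; build output that is deployed without the dev server is not affected by this issue."` (confirm against the linked changelog entry). `related_cve_id` is left as `""` while every other field is filled in, which is indistinguishable from an unfilled template — if no CVE has been assigned, say so explicitly in the changelog reference or a note so consumers do not wait on the field. The `vulnerable_ranges` entry `["0.0.0", "0.24.2"]` does not state whether its bounds are inclusive; since 0.24.2 is the last unfixed release before the 0.25.0 patch, confirm the consumer of this file treats the upper bound as inclusive, otherwise 0.24.2 itself would be reported as safe.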
@@ -8,7 +8,7 @@
  ]
  ],
  "cwe": ["CWE-346"],
- "tldr": "esbuild does not validate the origin of requests, allowing any website to make requests to the development server, when esbuild is actively running on a developer's machine. This could expose the front-end source code generated by esbuild.",
+ "tldr": "esbuild does not validate the origin of requests, allowing any website to make requests to the development server when esbuild is actively running on a developer's machine. This could expose the front-end source code generated by esbuild.",
  "doest_this_affect_me": "You are affected if you are using a version that falls within the vulnerable range.",
  "how_to_fix": "Upgrade esbuild to the patch version (0.25.0).",
  "vulnerable_to": "Origin Validation Error",

From e8d831a7900b06df90118808a7fcf412ea199145 Mon Sep 17 00:00:00 2001
From: kapyteinaikido <166383531+kapyteinaikido@users.noreply.github.com>
Date: Tue, 11 Mar 2025 12:52:41 +0100
Subject: [PATCH 3/4] Update new.json

---
 input/new.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/input/new.json b/input/new.json
index dcecbb9e..f8da8bf2 100644
--- a/input/new.json
+++ b/input/new.json
@@ -8,7 +8,7 @@
  ]
  ],
  "cwe": ["CWE-346"],
- "tldr": "esbuild does not validate the origin of requests, allowing any website to make requests to the development server when esbuild is actively running on a developer's machine. This could expose the front-end source code generated by esbuild.",
+ "tldr": "esbuild does not validate the origin of requests, allowing any website to make requests to the development server when esbuild is actively running. This could expose the front-end source code generated by esbuild.",
  "doest_this_affect_me": "You are affected if you are using a version that falls within the vulnerable range.",
  "how_to_fix": "Upgrade esbuild to the patch version (0.25.0).",
  "vulnerable_to": "Origin Validation Error",

From a5dc40f85a31ee56919d08c3adc1e515a644ae76 Mon Sep 17 00:00:00 2001
From: kapyteinaikido <166383531+kapyteinaikido@users.noreply.github.com>
Date: Tue, 11 Mar 2025 12:53:11 +0100
Subject: [PATCH 4/4] Update new.json

---
 input/new.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/input/new.json b/input/new.json
index f8da8bf2..1fdd77f8 100644
--- a/input/new.json
+++ b/input/new.json
@@ -8,7 +8,7 @@
  ]
  ],
  "cwe": ["CWE-346"],
- "tldr": "esbuild does not validate the origin of requests, allowing any website to make requests to the development server when esbuild is actively running. This could expose the front-end source code generated by esbuild.",
+ "tldr": "esbuild does not validate the origin of requests, allowing any website to make requests to the development server when esbuild is actively running. This could expose the source code generated or used by esbuild.",
  "doest_this_affect_me": "You are affected if you are using a version that falls within the vulnerable range.",
  "how_to_fix": "Upgrade esbuild to the patch version (0.25.0).",
  "vulnerable_to": "Origin Validation Error",