diff --git a/advisories/_posts/2019-10-07-CVE-2024-22050.md b/advisories/_posts/2019-10-07-CVE-2024-22050.md new file mode 100644 index 0000000..851e24d --- /dev/null +++ b/advisories/_posts/2019-10-07-CVE-2024-22050.md 
@@ -0,0 +1,53 @@ +--- +layout: advisory +title: 'CVE-2024-22050 (iodine): Malicious URL drafting attack against iodines static + file server may allow path traversal' +comments: false +categories: +- iodine +advisory: + gem: iodine + cve: 2024-22050 + ghsa: 85rf-xh54-whp3 + url: https://github.com/boazsegev/iodine/security/advisories/GHSA-85rf-xh54-whp3 + title: Malicious URL drafting attack against iodines static file server may allow + path traversal + date: 2019-10-07 + description: |2 + + ### Impact + + A path traversal vulnerability was detected in iodine's static + file service. This vulnerability effects any application running + iodine's static file server on an effected iodine version. + + Malicious URL drafting may cause the static file server to attempt + a response containing data from files that shouldn't be normally + accessible from the public folder. + + ### Patches + + The vulnerability was patched in version 0.7.34. Please upgrade + to the latest version. + + ### Workarounds + + A possible workaround would be to disable the static file service + and it's `X-Sendfile` support, sending static files using nginx + or a source code solution (sending the data dynamically). + + However, it would be better to upgrade iodine to the latest + version, as it also contains non-security related fixes. + + ### For more information + If you have any questions or comments about this advisory: + * Email [Boaz Segev](https://github.com/boazsegev) + patched_versions: + - ">= 0.7.34" + related: + url: + - https://nvd.nist.gov/vuln/detail/CVE-2024-22050 + - https://github.com/boazsegev/iodine/security/advisories/GHSA-85rf-xh54-whp3 + - https://github.com/boazsegev/iodine/commit/5558233fb7defda706b4f9c87c17759705949889 + - https://github.com/advisories/GHSA-85rf-xh54-whp3 +--- diff --git a/advisories/_posts/2022-03-03-CVE-2024-22051.md b/advisories/_posts/2022-03-03-CVE-2024-22051.md new file mode 100644 index 0000000..7a1c749 --- /dev/null 
+++ b/advisories/_posts/2022-03-03-CVE-2024-22051.md 
@@ -0,0 +1,67 @@ +--- +layout: advisory +title: 'CVE-2024-22051 (commonmarker): Integer overflow in cmark-gfm table parsing + extension leads to heap memory corruption' +comments: false +categories: +- commonmarker +advisory: + gem: commonmarker + cve: 2024-22051 + ghsa: fmx4-26r3-wxpf + url: https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x + title: Integer overflow in cmark-gfm table parsing extension leads to heap memory + corruption + date: 2022-03-03 + description: |2 + + ### Impact + + CommonMarker uses `cmark-gfm` for rendering + [Github Flavored Markdown](https://github.github.com/gfm/). + An [integer overflow in `cmark-gfm`'s table row parsing](https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x) + may lead to heap memory corruption when parsing tables who's marker + rows contain more than UINT16_MAX columns. The impact of this heap + corruption ranges from Information Leak to Arbitrary Code Execution. + + If affected versions of CommonMarker are used for rendering remote + user controlled markdown, this vulnerability may lead to + Remote Code Execution (RCE). + + ### Patches + + This vulnerability has been patched in the following CommonMarker release: + + - v0.23.4 + + ### Workarounds + + The vulnerability exists in the table markdown extensions of + `cmark-gfm`. Disabling any use of the table extension will prevent + this vulnerability from being triggered. 
+ + ### References + + - https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x + + ### Acknowledgements + + We would like to thank Felix Wilhelm of Google's Project Zero + for reporting this vulnerability + + ### For more information + + If you have any questions or comments about this advisory: + + * Open an issue in [CommonMarker](http://github.com/gjtorikian/commonmarker) + cvss_v3: 8.8 + patched_versions: + - ">= 0.23.4" + related: + url: + - https://nvd.nist.gov/vuln/detail/CVE-2024-22051 + - https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x + - https://github.com/gjtorikian/commonmarker/security/advisories/GHSA-fmx4-26r3-wxpf + - https://github.com/gjtorikian/commonmarker/commit/ab4504fd17460627a6ab255bc3c63e8e5fc6aed3 + - https://github.com/advisories/GHSA-fmx4-26r3-wxpf +--- diff --git a/advisories/_posts/2023-04-11-CVE-2024-22048.md b/advisories/_posts/2023-04-11-CVE-2024-22048.md new file mode 100644 index 0000000..cada32d --- /dev/null +++ b/advisories/_posts/2023-04-11-CVE-2024-22048.md 
@@ -0,0 +1,47 @@ +--- +layout: advisory +title: 'CVE-2024-22048 (govuk_tech_docs): govuk_tech_docs vulnerable to unescaped + HTML on search results page' +comments: false +categories: +- govuk_tech_docs +advisory: + gem: govuk_tech_docs + cve: 2024-22048 + ghsa: x2xw-hw8g-6773 + url: https://github.com/alphagov/tech-docs-gem/security/advisories/GHSA-x2xw-hw8g-6773 + title: govuk_tech_docs vulnerable to unescaped HTML on search results page + date: 2023-04-11 + description: |2 + + ### Impact + + Pages that are indexed in search results have their entire contents + indexed, including any HTML code snippets. These HTML snippets would + appear in the search results unsanitised, so it was possible to + render arbitrary HTML or run arbitrary scripts. + + This is a low risk security issue; to exploit it, an attacker would + need to find a way of committing malicious code to a page indexed + by a site that uses tech-docs-gem (which are typically not editable + by untrusted users). Their code would also be limited by the relatively + short length that's rendered in the corresponding search result. + Nevertheless, the XSS would then be triggerable by visiting a + pre-constructed URL (/search/index.html?q=some+search+term), which + users could be tricked into clicking on through social engineering. + + ### Patches + + This has been fixed in v3.3.1. HTML is now sanitised in search results. + unaffected_versions: + - "< 2.0.2" + patched_versions: + - ">= 3.3.1" + related: + url: + - https://nvd.nist.gov/vuln/detail/CVE-2024-22048 + - https://github.com/alphagov/tech-docs-gem/security/advisories/GHSA-x2xw-hw8g-6773 + - https://github.com/alphagov/tech-docs-gem/releases/tag/v3.3.1 + - https://github.com/alphagov/tech-docs-gem/pull/323 + - https://github.com/advisories/GHSA-x2xw-hw8g-6773 +--- diff --git a/advisories/_posts/2023-05-01-CVE-2024-22047.md b/advisories/_posts/2023-05-01-CVE-2024-22047.md new file mode 100644 index 0000000..bb04688 --- /dev/null 
+++ b/advisories/_posts/2023-05-01-CVE-2024-22047.md @@ -0,0 +1,45 @@ +--- +layout: advisory +title: 'CVE-2024-22047 (audited): Race Condition leading to logging errors' +comments: false +categories: +- audited +advisory: + gem: audited + cve: 2024-22047 + ghsa: hjp3-5g2q-7jww + url: https://github.com/collectiveidea/audited/security/advisories/GHSA-hjp3-5g2q-7jww + title: Race Condition leading to logging errors + date: 2023-05-01 + description: | + "In certain setups with threaded web servers, Audited's use of + `Thread.current` can incorrectly attributed audits to the wrong user. + + Fixed in 5.3.3. + + In March, @convisoappsec noticed that the library in question had a + Race Condition problem, which caused logs to be registered at times + with different users than those who performed the genuine actions. + + - The first issue we identified was from November + 2021: https://github.com/collectiveidea/audited/issues/601 + + - So the solution was implemented in the following Pull Request: + https://github.com/collectiveidea/audited/pull/669 + + - And the feature was published in version 5.3.3: + RELEASE: https://github.com/collectiveidea/audited/pull/671" + cvss_v3: 3.1 + unaffected_versions: + - "< 4.0.0" + patched_versions: + - ">= 5.3.3" + related: + url: + - https://nvd.nist.gov/vuln/detail/CVE-2024-22047 + - https://github.com/collectiveidea/audited/security/advisories/GHSA-hjp3-5g2q-7jww + - https://github.com/collectiveidea/audited/issues/601 + - https://github.com/collectiveidea/audited/pull/669 + - https://github.com/collectiveidea/audited/pull/671 + - https://github.com/advisories/GHSA-hjp3-5g2q-7jww +--- diff --git a/advisories/_posts/2023-10-24-CVE-2024-0241.md b/advisories/_posts/2023-10-24-CVE-2024-0241.md new file mode 100644 index 0000000..dbe41b5 --- /dev/null +++ b/advisories/_posts/2023-10-24-CVE-2024-0241.md 
@@ -0,0 +1,65 @@ +--- +layout: advisory +title: 'CVE-2024-0241 (encoded_id-rails): encoded_id-rails potential DOS vulnerability + due to URIs with extremely long encoded IDs' +comments: false +categories: +- encoded_id-rails +advisory: + gem: encoded_id-rails + cve: 2024-0241 + ghsa: 3px7-jm2p-6h2c + url: https://github.com/stevegeek/encoded_id-rails/security/advisories/GHSA-3px7-jm2p-6h2c + title: encoded_id-rails potential DOS vulnerability due to URIs with extremely long + encoded IDs + date: 2023-10-24 + description: | + ### Impact + + The length of URIs and the various parts (eg path segments, query + parameters) is usually limited by the webserver processing the + incoming request. In the case of Puma the defaults are : + + - path segment length: 8192 + - Max URI length: 1024 * 12 + - Max query length: 1024 * 10 + + See https://github.com/puma/puma/blob/master/docs/compile_options.md + + If too long Puma raises: + > Puma caught this error: HTTP element REQUEST_PATH is longer than + the (8192) allowed length (was 12503) (Puma::HttpParserError) + + However due to the performance of `hashids` extremely long encoded + IDs will consume a large amount of CPU and allocate a huge number + of intermediate objects. + + For example: + + ``` + curl -vvv https://localhost.ssl:3000//dos?id= + ``` + + This causes the application to spend a huge amount of time decoding + the ID and the allocation of > 200MB of objects. + + ### Patches + + Upgrade to `1.0.0.beta2` + + This introduces a new option to limit the length of IDs that can + be decoded. A future release will also improve the performance and + hugely reduce allocations in the underlying hashids implementation. 
+ + ### References + _Are there any links users can visit to find out more?_ + cvss_v3: 7.5 + patched_versions: + - ">= 1.0.0.beta2" + related: + url: + - https://nvd.nist.gov/vuln/detail/CVE-2024-0241 + - https://github.com/stevegeek/encoded_id-rails/security/advisories/GHSA-3px7-jm2p-6h2c + - https://github.com/stevegeek/encoded_id-rails/commit/afa495a77b8a21ad582611f9cdc2081dc4018b91 + - https://github.com/advisories/GHSA-3px7-jm2p-6h2c +---
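Review bot: the iodine entry (advisories/_posts/2019-10-07-CVE-2024-22050.md) has no `cvss_v3` field, while the commonmarker, audited and encoded_id-rails entries in this same patch carry one; if NVD or the GHSA has published a score for CVE-2024-22050, add it so downstream tooling ranks the advisory consistently. The copied description also has wording errors worth fixing before merge: `iodines static file server` should be `iodine's`, `effects any application` / `an effected iodine version` should be `affects` / `an affected`, and `it's `X-Sendfile` support` should be `its`.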
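Review bot: in advisories/_posts/2022-03-03-CVE-2024-22051.md the `url:` field points at the upstream cmark-gfm advisory (https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x) while the `ghsa:` field is `fmx4-26r3-wxpf`, the commonmarker advisory; `url` should be https://github.com/gjtorikian/commonmarker/security/advisories/GHSA-fmx4-26r3-wxpf (already present under `related.url`), with the cmark-gfm link left in `related.url` and the References section. Minor: `tables who's marker rows` should read `whose`.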
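Review bot: advisories/_posts/2023-04-11-CVE-2024-22048.md declares `unaffected_versions: - "< 2.0.2"`, but neither the description nor any of the linked references explains why releases before 2.0.2 are unaffected; either add a `related.url` entry for the release or pull request that introduced the search results page, or drop the field so the advisory does not claim more than it supports. The entry also lacks `cvss_v3`; add the published score if one exists.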
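Review bot: in advisories/_posts/2023-05-01-CVE-2024-22047.md the `description: |` block opens with a literal `"` before `In certain setups` and closes with `"` after `.../pull/671`, so the rendered advisory will show stray quotation marks; remove both, since the block scalar already preserves the text verbatim. While touching the block, `can incorrectly attributed audits to the wrong user` should read `can incorrectly attribute audits to the wrong user`.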
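Review bot: advisories/_posts/2023-10-24-CVE-2024-0241.md still carries the GitHub advisory template prompt, `### References` followed by `_Are there any links users can visit to find out more?_`; delete the placeholder, since the real links already live under `related.url`. The reproduction line `curl -vvv https://localhost.ssl:3000//dos?id=` has an empty `id=` value, so as written it does not demonstrate the extremely long encoded ID the text describes; either state that the payload was elided or point readers at the linked commit for the test case.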