diff --git a/data/cve/CVE-2015-2296.json b/data/cve/CVE-2015-2296.json
new file mode 100644
index 0000000000000000000000000000000000000000..72dae6949f0eb9bf691e2e807baeda042896ee4a
--- /dev/null
+++ b/data/cve/CVE-2015-2296.json
@@ -0,0 +1,23 @@
+{
+    "id": 13542,
+    "cve_id": "CVE-2015-2296",
+    "creator": null,
+    "publisher": "admin",
+    "publish_third_party_token": "admin",
+    "publish_date": "2015-03-14",
+    "cvss": {
+        "nvd_cvss": "",
+        "openanolis_cvss": ""
+    },
+    "product": [],
+    "product_package": [],
+    "affected_packages": [],
+    "score": null,
+    "severity": null,
+    "status": 1,
+    "source": "NVD",
+    "cve_source_link": "",
+    "abstract": "The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect.\nA flaw was found in the way python-requests set the domain cookie parameter for certain HTTP responses. A remote attacker could use this flaw to modify a cookie to be sent to an arbitrary URL.",
+    "description": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2296.json",
+    "errata": []
+}
\ No newline at end of file