diff --git a/istio-cni-1.19.advisories.yaml b/istio-cni-1.19.advisories.yaml
new file mode 100644
index 000000000..b5a54982f
--- /dev/null
+++ b/istio-cni-1.19.advisories.yaml
@@ -0,0 +1,119 @@
+schema-version: 2.0.2
+
+package:
+  name: istio-cni-1.19
+
+advisories:
+  - id: CVE-2023-39325
+    aliases:
+      - GHSA-4374-p667-p6c8
+    events:
+      - timestamp: 2023-10-12T22:18:13Z
+        type: fixed
+        data:
+          fixed-version: 1.19.3-r0
+
+  - id: CVE-2023-45283
+    aliases:
+      - GHSA-vvjp-q62m-2vph
+    events:
+      - timestamp: 2023-11-07T19:29:40Z
+        type: false-positive-determination
+        data:
+          type: vulnerable-code-not-included-in-package
+          note: Only affects Windows
+
+  - id: CVE-2023-45284
+    aliases:
+      - GHSA-rq3x-83w4-p28c
+    events:
+      - timestamp: 2023-11-07T19:29:41Z
+        type: false-positive-determination
+        data:
+          type: vulnerable-code-not-included-in-package
+          note: Only affects Windows
+
+  - id: CVE-2023-48795
+    aliases:
+      - GHSA-45x7-px36-x8w8
+    events:
+      - timestamp: 2023-12-20T12:59:23Z
+        type: fixed
+        data:
+          fixed-version: 1.19.5-r2
+
+  - id: CVE-2023-49290
+    aliases:
+      - GHSA-7f9x-gw85-8grf
+    events:
+      - timestamp: 2024-01-24T07:07:20Z
+        type: detection
+        data:
+          type: scan/v1
+          data:
+            subpackageName: istio-install-cni-1.19
+            componentID: 147ea67f790a2424
+            componentName: github.com/lestrrat-go/jwx
+            componentVersion: v1.2.26
+            componentType: go-module
+            componentLocation: /usr/bin/install-cni
+            scanner: grype
+      - timestamp: 2024-01-24T17:13:07Z
+        type: fixed
+        data:
+          fixed-version: 1.19.6-r1
+
+  - id: CVE-2024-21664
+    aliases:
+      - GHSA-pvcr-v8j8-j5q3
+    events:
+      - timestamp: 2024-01-24T07:07:20Z
+        type: detection
+        data:
+          type: scan/v1
+          data:
+            subpackageName: istio-install-cni-1.19
+            componentID: 147ea67f790a2424
+            componentName: github.com/lestrrat-go/jwx
+            componentVersion: v1.2.26
+            componentType: go-module
+            componentLocation: /usr/bin/install-cni
+            scanner: grype
+      - timestamp: 2024-01-26T08:12:46Z
+        type: fixed
+        data:
+          fixed-version: 1.19.6-r2
+
+  - id: CVE-2024-28122
+    aliases:
+      - GHSA-hj3v-m684-v259
+    events:
+      - timestamp: 2024-03-09T07:43:52Z
+        type: detection
+        data:
+          type: scan/v1
+          data:
+            subpackageName: istio-cni-1.19
+            componentID: da6d5acb8c0b0ca8
+            componentName: github.com/lestrrat-go/jwx
+            componentVersion: v1.2.28
+            componentType: go-module
+            componentLocation: /usr/bin/istio-cni
+            scanner: grype
+
+  - id: CVE-2024-28180
+    aliases:
+      - GHSA-c5q2-7r4c-mv6g
+    events:
+      - timestamp: 2024-03-08T07:04:25Z
+        type: detection
+        data:
+          type: scan/v1
+          data:
+            subpackageName: istio-install-cni-1.19
+            componentID: 6020ade94a63de2e
+            componentName: github.com/go-jose/go-jose/v3
+            componentVersion: v3.0.1
+            componentType: go-module
+            componentLocation: /usr/bin/install-cni
+            scanner: grype