You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
For the purl: pkg:maven/com.thoughtworks.xstream/xstream@1.4.20 there are 2 REJECTED CVEs:
2022-40153
2022-40156
The real CVE for this vuln is 2022-40152
The NVD page for each REJECTED CVE says:
Rejected
CVE has been marked "REJECT" in the CVE List. These CVEs are stored in the NVD, but do not show up in search results.
Current Description
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage.
I found these cases from reviewing a VCIO report for a product so the cases are incidental.
We need to identify and flag REJECT CVEs. I am not sure how to report these cases or how common they are.
A first solution step should be to investigate how common REJECT CVEs are in the NVD.
The text was updated successfully, but these errors were encountered:
For the purls:
There are 4 REJECTED CVEs in the NVD:
For the purl: pkg:maven/com.thoughtworks.xstream/xstream@1.4.20 there are 2 REJECTED CVEs:
The real CVE for this vuln is 2022-40152
The NVD page for each REJECTED CVE says:
Rejected
CVE has been marked "REJECT" in the CVE List. These CVEs are stored in the NVD, but do not show up in search results.
Current Description
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage.
I found these cases from reviewing a VCIO report for a product so the cases are incidental.
We need to identify and flag REJECT CVEs. I am not sure how to report these cases or how common they are.
A first solution step should be to investigate how common REJECT CVEs are in the NVD.
The text was updated successfully, but these errors were encountered: