It was an internal discussion about security boundaries that were(n't) crossed as a result of the vulnerability and the decision of the researcher who discovered the issue that a CVE wasn't warranted.
Regards, Rajiv On Tue, Oct 19, 2021 at 9:31 PM Salvatore Bonaccorso <car...@debian.org> wrote: > *** CAUTION: This email was sent from an EXTERNAL source. Think before > clicking links or opening attachments. *** > > Hi, > > On Mon, Oct 18, 2021 at 09:58:31AM -0700, Rajiv Motwani wrote: > > Hi Sylvain, > > > > Those CVEs were registered in error and were requested to be listed as > > REJECTED. There are no plans to re-register these issues under new > > identifiers. > > Out of interest, can you elaborate on this a bit more? Was this > because the CVE assignement was not done from the CNA covering the > product in its scope or other reasons? > > Regards, > Salvatore > > -- Rajiv Motwani | Senior Director of Research, Vulnerability Detection Tenable 7021 Columbia Gateway Drive, Suite 500 <https://maps.google.com/?q=7021+Columbia+Gateway+Drive,+Suite+500+Columbia,+MD+21046&entry=gmail&source=g> Columbia, MD 21046 <https://maps.google.com/?q=7021+Columbia+Gateway+Drive,+Suite+500+Columbia,+MD+21046&entry=gmail&source=g> rmotw...@tenable.com M: +1 (978) 875-3486 tenable.com <http://www.tenable.com/>