{"containers": {"cna": {"rejectedReasons": [{"lang": "en", "value": "Non Security Issue. See the binutils security policy for more details, https://sourceware.org/cgit/binutils-gdb/tree/binutils/SECURITY.txt"}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2023-11-20T04:40:03.158Z"}}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-3487", "datePublished": "2021-04-15T13:35:42", "dateReserved": "2021-04-08T00:00:00", "dateUpdated": "2023-11-20T04:40:03.158Z", "state": "REJECTED", "dateRejected": "2023-11-20T04:39:33.907Z"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Rejected reason: Non Security Issue. See the binutils security policy for more details, https://sourceware.org/cgit/binutils-gdb/tree/binutils/SECURITY.txt"}], "id": "CVE-2021-3487", "lastModified": "2023-11-20T05:15:08.150", "metrics": {}, "published": "2021-04-15T14:15:17.310", "references": [], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Rejected"}

{"affected_release": [{"advisory": "RHSA-2021:4364", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "binutils-0:2.30-108.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4364", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "binutils-0:2.30-108.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}], "bugzilla": {"description": "binutils: Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read_section()", "id": "1947111", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1947111"}, "csaw": false, "cvss3": {"cvss3_base_score": "0.0", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N", "status": "verified"}, "cwe": "CWE-20->CWE-400", "details": ["This CVE ID has been rejected or withdrawn by its CVE Numbering Authority for the following reason: Non Security Issue. See the binutils security policy for more details, https://sourceware.org/cgit/binutils-gdb/tree/binutils/SECURITY.txt", "There's a flaw in the BFD library of binutils. An attacker who supplies a crafted file to an application linked with BFD, and using the DWARF functionality, could cause an impact to system availability by way of excessive memory consumption."], "name": "CVE-2021-3487", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "binutils", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "binutils", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "gcc-toolset-10-binutils", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "gcc-toolset-9-binutils", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "binutils", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2020-11-25T16:56:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-3487\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-3487"], "statement": "Red Hat Product Security does not consider this to be a vulnerability.", "upstream_fix": "binutils 2.36"}