{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-32001", "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "state": "REJECTED", "assignerShortName": "hackerone", "dateReserved": "2023-05-01T01:00:12.220Z", "datePublished": "2023-07-26T20:09:57.905Z", "dateUpdated": "2023-08-27T00:02:01.990Z", "dateRejected": "2023-08-27T00:02:01.990Z"}, "containers": {"cna": {"rejectedReasons": [{"lang": "en", "value": "We issued this CVE pre-maturely, as we have subsequently realized that this issue points out a problem that there really is no safe measures around or protections for."}], "providerMetadata": {"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone", "dateUpdated": "2023-08-27T00:02:01.990Z"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Rejected reason: We issued this CVE pre-maturely, as we have subsequently realized that this issue points out a problem that there really is no safe measures around or protections for."}], "id": "CVE-2023-32001", "lastModified": "2023-11-07T04:14:26.753", "metrics": {}, "published": "2023-07-26T21:15:10.037", "references": [], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Rejected"}

{"bugzilla": {"description": "curl: fopen race condition", "id": "2222604", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222604"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", "status": "draft"}, "cwe": "CWE-367", "details": ["A flaw was found in the curl package. This race condition modifies the behavior of symbolic link files in affected components which might be followed instead of overwritten when the condition is met, leading to undesired and potentially destructive behavior."], "name": "CVE-2023-32001", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "curl", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "curl", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "curl", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "curl", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:jboss_core_services:1", "fix_state": "Not affected", "package_name": "curl", "product_name": "Red Hat JBoss Core Services"}], "public_date": "2023-07-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-32001\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-32001\nhttps://curl.se/docs/CVE-2023-32001.html"], "statement": "This issue does not affect the Curl package as shipped in Red Hat Enterprise Linux 6, 7, 8, and 9.", "threat_severity": "Moderate"}

{}