{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-21506", "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "state": "REJECTED", "assignerShortName": "snyk", "dateReserved": "2023-12-22T12:33:20.119Z", "datePublished": "2024-04-06T05:00:00.699Z", "dateUpdated": "2024-06-05T15:02:55.230Z", "dateRejected": "2024-05-30T16:09:07.021Z"}, "containers": {"cna": {"rejectedReasons": [{"lang": "en", "value": "Duplicate of CVE-2024-5629."}], "replacedBy": ["CVE-2024-5629"], "providerMetadata": {"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "shortName": "snyk", "dateUpdated": "2024-06-05T15:02:55.230Z"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Rejected reason: Duplicate of CVE-2024-5629."}], "id": "CVE-2024-21506", "lastModified": "2024-06-05T15:15:11.173", "metrics": {}, "published": "2024-04-06T05:15:07.210", "references": [], "sourceIdentifier": "report@snyk.io", "vulnStatus": "Rejected"}

{"bugzilla": {"description": "python-pymongo: out of bounds read", "id": "2273859", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273859"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.2", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L", "status": "draft"}, "cwe": "CWE-125", "details": ["An out-of-bounds read vulnerability was found in Pymongo. When using a crafted payload, this flaw allows an attacker to force the parser to deserialize unmanaged memory."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-21506", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "python27:2.7/python-pymongo", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "python36:3.6/python-pymongo", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/a:redhat:openstack:16.1", "fix_state": "Not affected", "package_name": "openstack-panko", "product_name": "Red Hat OpenStack Platform 16.1"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Not affected", "package_name": "openstack-panko", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:openstack:17.1", "fix_state": "Affected", "package_name": "python-pymongo", "product_name": "Red Hat OpenStack Platform 17.1"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Affected", "package_name": "python-pymongo", "product_name": "Red Hat Satellite 6"}], "public_date": "2024-04-06T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-21506\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-21506\nhttps://gist.github.com/keltecc/62a7c2bf74a997d0a7b48a0ff3853a03\nhttps://github.com/mongodb/mongo-python-driver/commit/56b6b6dbc267d365d97c037082369dabf37405d2"], "threat_severity": "Moderate", "upstream_fix": "python-pymongo 4.6.3"}