{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-3205", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "REJECTED", "assignerShortName": "VulDB", "dateReserved": "2024-04-02T16:38:00.619Z", "datePublished": "2024-04-02T22:31:05.374Z", "dateUpdated": "2024-05-27T15:10:36.308Z", "dateRejected": "2024-05-27T15:10:36.308Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2024-05-27T15:10:36.308Z"}, "rejectedReasons": [{"lang": "en", "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: The maintainer identified an error in the libyaml fuzzers. It is not possible to reproduce nor exploit the issue."}]}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: The maintainer identified an error in the libyaml fuzzers. It is not possible to reproduce nor exploit the issue."}], "id": "CVE-2024-3205", "lastModified": "2024-05-27T15:15:08.930", "metrics": {}, "published": "2024-04-02T23:15:54.627", "references": [], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Rejected"}

{"bugzilla": {"description": "libyaml: Heap-Based Buffer Overflow", "id": "2272889", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272889"}, "csaw": false, "cvss3": {"cvss3_base_score": "0.0", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N", "status": "draft"}, "cwe": "CWE-122", "details": ["A flaw was found in the libyaml library. A specially crafted YAML file can cause a heap-based buffer over-read in the yaml_emitter_emit_flow_sequence_item function in the src/emitter.c file, resulting in denial of service in the application linked to the library."], "mitigation": {"lang": "en:us", "value": "Applications that do not parse files from untrusted sources will not be vulnerable to this vulnerability."}, "name": "CVE-2024-3205", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "libyaml", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "libyaml", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "libyaml", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "perl-YAML-LibYAML", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "libyaml", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "python-ruamel-yaml-clib", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-04-02T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-3205\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-3205"], "statement": "Red Hat Product Security does not consider this to be a vulnerability."}