ken-duck
commented
2 years ago Hi! Sorry for the delay, but I respond with good news.
OSS Index is going through a major upgrade, as described here: https://ossindex.sonatype.org/updates-notice
The most clear and obvious benefit is far fewer false negatives and false positives, and vulnerabilities will be added to the system on a much more frequent and rapid basis. Once the upgrade is completed you should see most (if not all) of the reported data issues be resolved.
URL: https://nvd.nist.gov/vuln/detail/CVE-2021-32840 name: SharpZipLib versions: Prior to version 1.3.3