Closed p3pijn closed 1 year ago
Similar issue for another CVE within the same package in #311
This issue has been passed to the research team on our internal tracking system, and I will report back here once more is known.
I am at long last cleaning up and closing issues from our tracking system. You may have already noticed that the issue was resolved at some point. From our research team:
The CPE codes are notoriously unreliable. We completed "Deep Dive" research on it at some point since this was submitted so we're now implicating the correct coordinate, which in this case was actually galaxy-ng.
Vulnerability URL
Component URL
Description
CVE-2022-2568
should not be reported for Pypi packageansible-core
. The CPEs in NVD are linked to Ansible Automation Platform and not to this Pypi package.