vulnrichment icon indicating copy to clipboard operation
vulnrichment copied to clipboard

Published 20 hours ago verified publisher icon cisagov

Incorrect CPE assignments, CVE-2024-45402, CVE-2024-45396

Open serkanozkanssc opened this issue 4 months ago • 0 comments

CVE-2024-45396

"affected": [
      {
          "vendor": "h2o",
          "product": "quicly",
          "versions": [
....
"cpe:2.3:a:h20:quickly:*:*:*:*:*:*:*:*"

note it's h20 (twenty) and quickly with k.

For CVE-2024-45402

"affected": [
      {
          "vendor": "h2o",
          "product": "picotls",
          "versions": [
...
"cpes": [
        "cpe:2.3:a:h20:picotis:*:*:*:*:*:*:*:*"
    ],

Note that the CPE contains h20 and picotis (with i instead of l as in tls).

serkanozkanssc avatar Oct 11 '24 20:10 serkanozkanssc