dep-scan
False-Positive: CVE-2022-24304 rejected by NVD
PURL of wrongly matched component
Rejected by NVD: https://nvd.nist.gov/vuln/detail/CVE-2022-24304
But still reported by GitHub and OSV.
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/08/GHSA-h8hf-x3f4-xwgp/GHSA-h8hf-x3f4-xwgp.json
https://osv.dev/vulnerability/GHSA-h8hf-x3f4-xwgp
https://osv.dev/vulnerability/GHSA-f825-f98c-gj3g
Depscan findings
I think depscan or vdb6 could have some kind of override data to flag and remove such CVEs
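One way the override idea in this issue could work, as an added example that is not part of the original report and is not dep-scan or vdb code: advisories are matched against override data by id and by alias, so a GHSA entry pointing at a rejected CVE is suppressed too, and every suppression is recorded with its reason. The override format, the function names and the sample records (including their alias values and the placeholder ids) are assumptions; only the OSV schema fields `id`, `aliases` and `withdrawn` are real.

```python
# Hypothetical override data: advisory id -> reason for suppression.
OVERRIDES = {
    "CVE-2022-24304": "rejected by NVD",
}

def suppression_reason(record, overrides=OVERRIDES):
    """Return why an OSV-style record should be dropped, or None to keep it."""
    # A source that has withdrawn its own advisory needs no override entry.
    if record.get("withdrawn"):
        return "withdrawn by source at " + record["withdrawn"]
    # Compare case-insensitively on both sides of the lookup.
    norm = {key.strip().upper(): why for key, why in overrides.items()}
    # Check the record id and every alias, so an advisory published under
    # a GHSA id is still caught when it aliases a rejected CVE.
    for ident in [record.get("id", "")] + list(record.get("aliases") or []):
        why = norm.get(ident.strip().upper())
        if why:
            return f"{ident}: {why}"
    return None

def apply_overrides(records, overrides=OVERRIDES):
    """Split records into (kept, suppressed); suppressed keeps an audit trail."""
    kept, suppressed = [], []
    for rec in records:
        why = suppression_reason(rec, overrides)
        if why is None:
            kept.append(rec)
        else:
            suppressed.append((rec["id"], why))
    return kept, suppressed

# Constructed sample records; alias values are assumed for illustration.
SAMPLE = [
    {"id": "GHSA-h8hf-x3f4-xwgp", "aliases": ["CVE-2022-24304"]},
    {"id": "GHSA-f825-f98c-gj3g", "aliases": ["cve-2022-24304"]},
    {"id": "GHSA-0000-0000-0000", "aliases": ["CVE-0000-0000"]},   # placeholder
    {"id": "GHSA-1111-1111-1111", "aliases": [],
     "withdrawn": "2022-08-01T00:00:00Z"},                         # placeholder
]

if __name__ == "__main__":
    kept, suppressed = apply_overrides(SAMPLE)
    for rec_id, why in suppressed:
        print(f"suppressed {rec_id} ({why})")
    print("kept:", [rec["id"] for rec in kept])
```

Reporting the suppressed entries with their reasons, rather than dropping them silently, lets a reviewer audit each override.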