CVE Rejected

A CVE has the status REJECTED when it was and will not be published by a CNA. There are two possibilities when this happens:

  1. The CVE is RESERVED and shall not be published
  2. The CVE was published but shall be revoked
According to the CNA rules it is not possible nor allowed to change the status REJECTED to something else. In very rare cases this happened with CVEs of other CNAs.

We do not add rejected CVEs to our database as these are not vulnerabilities. A request for such a CVE is not able to return a vulnerability entry. If a CVE gets rejected and revoked after we have added it to the database, we will flag is as a duplicate or false-positive.

Do you need the next level of professionalism?

Upgrade your account now!