Description

Rejected reason: GitHub cannot issue a CVE for this Security Advisory because this advisory includes information about more than one vulnerability. According to [rule 4.2.11 of the CVE CNA rules](https://www.cve.org/ResourcesSupport/AllResources/CNARules#section_4-2_CVE_ID_Assignment): > 4.2.6 CNAs SHOULD assign different CVE IDs to separate Vulnerabilities, as determined using the guidance in [4.1](https://www.cve.org/ResourcesSupport/AllResources/CNARules#section_4-1_Vulnerability_Determination). > 4.2.11 CNAs SHOULD assign different CVE IDs to different, Independently Fixable Vulnerabilities. You can move forward in one of two ways: - If you agree that this Security Advisory concerns more than one independently fixable vulnerability, split each vulnerability into its own advisory and request one CVE for each vulnerability. - If you do not agree that these vulnerabilities are independently fixable, resubmit the CVE request with a section clarifying how they are dependent and should have the same CVE. Thank you for making the open source ecosystem more secure by fixing and responsibly disclosing these vulnerabilities.