Publish GHSA-2hjh-495w-hmxc

advisories/github-reviewed/2025/02/GHSA-2hjh-495w-hmxc/GHSA-2hjh-495w-hmxc.json

@@ -1,13 +1,14 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-2hjh-495w-hmxc",
-  "modified": "2025-02-06T19:02:46Z",
+  "modified": "2025-02-07T15:25:03Z",
   "published": "2025-02-06T18:31:05Z",
+  "withdrawn": "2025-02-07T15:25:03Z",
   "aliases": [
     "CVE-2024-57610"
   ],
-  "summary": "Sylius allows unrestricted brute-force attacks on user accounts",
-  "details": "A rate limiting issue in Sylius v2.0.2 allows a remote attacker to perform unrestricted brute-force attacks on user accounts, significantly increasing the risk of account compromise and denial of service for legitimate users.",
+  "summary": "Withdrawn Advisory: Sylius allows unrestricted brute-force attacks on user accounts",
+  "details": "## Withdrawn Advisory\nThis advisory has been withdrawn because it is not a vulnerability in the Sylius framework. This link is maintained to preserve external references.\n\n## Original Description\nA rate limiting issue in Sylius v2.0.2 allows a remote attacker to perform unrestricted brute-force attacks on user accounts, significantly increasing the risk of account compromise and denial of service for legitimate users.",
   "severity": [
     {
       "type": "CVSS_V4",
@@ -40,6 +41,10 @@
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57610"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/github/advisory-database/pull/5254"
+    },
     {
       "type": "PACKAGE",
       "url": "https://github.com/Sylius/Sylius"