Microsoft MotW under-assignment #2
Description
Microsoft assigned two quite-different vulnerabilities to CVE-2022-41049. CNA rules state:
7.2.1 CNAs MUST NOT assign the same CVE ID to more than one independently fixable vulnerability.
CVE IDs are meant to track vulnerabilities not fixes.
CC @wdormann