-
Notifications
You must be signed in to change notification settings - Fork 190
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Incorrect data #567
Comments
Thanks for filing this issue @donchkat! Re 1. We take this from GitHub's security advisory database at https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/07/GHSA-xg72-6c83-ghh4/GHSA-xg72-6c83-ghh4.json. Would you mind filing an issue there (or creating a PR?) Re 2. |
Thanks for the quick answer. Re 1. I opened an issue here |
Thanks re 1. ! Re 2., there is an open issue on GitHub's side: github/advisory-database#470 to make use of an official OSV field to encode such cases. Please feel free to bump that issue :) |
crossposting here that the ecosystem has been fixed on the GHSA! thank you again for the feedback 🙌 |
@oliverchang is it fair to say there's nothing further actionable on this issue? Can we close it out? |
@andrewpollock yep, thanks! |
Found some incorrect data that was raising some questions and doubts about my script, I will appreciate if you can check it out:
2. CVE: CVE-2019-9423 - Looks like the 'last known affected version' value is much lower and older than the affected range - the last affected range is 4.6.0.66 while the 'last known affected version' is 4.1.1.26
Thank you.
The text was updated successfully, but these errors were encountered: