Need Security Advisory for older v2 tags
jentfoo opened this issue · comments
Mike Jensen commented
Hello, I was recently looking into the state of GHSA-2c7c-3mj9-8fqh. This is easily fixed by going to 3.0.1, as well as the 2.6.2 tag on this repo. However it was not obvious that there are tags on this repo which are vulnerable.
Submitting a security advisory for versions 2.6.1 and older on this repo would help highlight that these tags are also vulnerable and need to be updated. Thank you!
Matthew McPherrin commented
I’ve submitted an update to the advisory: github/advisory-database#3654
Matthew McPherrin commented
The advisory has been updated. Thank you for pointing out that was missing!