Hello, I was recently looking into the state of GHSA-2c7c-3mj9-8fqh. This is easily fixed by going to 3.0.1, as well as the 2.6.2 tag on this repo. However it was not obvious that there are tags on this repo which are vulnerable.

Submitting a security advisory for versions 2.6.1 and older on this repo would help highlight that these tags are also vulnerable and need to be updated. Thank you!

I’ve submitted an update to the advisory: github/advisory-database#3654

The advisory has been updated. Thank you for pointing out that was missing!