From 5c38286d32d596e9a60108e5353670cfba401497 Mon Sep 17 00:00:00 2001 From: Nicholas Narsing Date: Tue, 23 Jun 2026 11:19:33 -0700 Subject: [PATCH] Improve GHSA-h67p-54hq-rp68 --- .../GHSA-h67p-54hq-rp68.json | 44 ++++++++++++++++--- 1 file changed, 38 insertions(+), 6 deletions(-) diff --git a/advisories/github-reviewed/2026/06/GHSA-h67p-54hq-rp68/GHSA-h67p-54hq-rp68.json b/advisories/github-reviewed/2026/06/GHSA-h67p-54hq-rp68/GHSA-h67p-54hq-rp68.json index b9d1dd2917b89..f6f26fb633146 100644 --- a/advisories/github-reviewed/2026/06/GHSA-h67p-54hq-rp68/GHSA-h67p-54hq-rp68.json +++ b/advisories/github-reviewed/2026/06/GHSA-h67p-54hq-rp68/GHSA-h67p-54hq-rp68.json @@ -1,7 +1,7 @@ { "schema_version": "1.4.0", "id": "GHSA-h67p-54hq-rp68", - "modified": "2026-06-15T17:15:07Z", + "modified": "2026-06-15T17:15:08Z", "published": "2026-06-15T17:15:07Z", "aliases": [ "CVE-2026-53550" @@ -25,17 +25,33 @@ "type": "ECOSYSTEM", "events": [ { - "introduced": "0" + "introduced": "4.0.0" }, { "fixed": "4.2.0" } ] } - ], - "database_specific": { - "last_known_affected_version_range": "<= 4.1.1" - } + ] + }, + { + "package": { + "ecosystem": "npm", + "name": "js-yaml" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "3.14.2" + } + ] + } + ] } ], "references": [ @@ -43,9 +59,25 @@ "type": "WEB", "url": "https://github.com/nodeca/js-yaml/security/advisories/GHSA-h67p-54hq-rp68" }, + { + "type": "WEB", + "url": "https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879" + }, + { + "type": "WEB", + "url": "https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266" + }, { "type": "PACKAGE", "url": "https://github.com/nodeca/js-yaml" + }, + { + "type": "WEB", + "url": "https://github.com/nodeca/js-yaml/releases/tag/3.14.2" + }, + { + "type": "WEB", + "url": "https://github.com/nodeca/js-yaml/releases/tag/4.1.1" } ], "database_specific": {