You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The yaml in the vulns folder seems to incorrectly associate pypi/json-logic with https://github.com/jwadhams/json-logic-js. Although it appears the pypi package is based off the Javascript library, these are two different repositories in two different languages.
Could the entry for PYSEC-2023-209 be removed form the database since this is not in regards to the same codebase?
The text was updated successfully, but these errors were encountered:
In a recent Auto assign, PYSEC-2023-209 (https://github.com/pypa/advisory-database/blob/main/vulns/json-logic/PYSEC-2023-209.yaml) in regards to a re-analysis of CVE-2021-4329, however this is in regards to a Javascript version of this library.
The yaml in the vulns folder seems to incorrectly associate pypi/json-logic with https://github.com/jwadhams/json-logic-js. Although it appears the pypi package is based off the Javascript library, these are two different repositories in two different languages.
Could the entry for PYSEC-2023-209 be removed form the database since this is not in regards to the same codebase?
The text was updated successfully, but these errors were encountered: