From 6b9b15e24500830fbc2feb01808bc221a7126bfb Mon Sep 17 00:00:00 2001
From: Classic Values <santiago@laudatecorpus.com>
Date: Sat, 12 Aug 2023 09:56:19 -0700
Subject: [PATCH] Improve GHSA-c2qf-rxjj-qqgw

---
 .../GHSA-c2qf-rxjj-qqgw.json                  | 28 ++++++-------------
 1 file changed, 8 insertions(+), 20 deletions(-)

diff --git a/advisories/github-reviewed/2023/06/GHSA-c2qf-rxjj-qqgw/GHSA-c2qf-rxjj-qqgw.json b/advisories/github-reviewed/2023/06/GHSA-c2qf-rxjj-qqgw/GHSA-c2qf-rxjj-qqgw.json
index 0291b85fd2b27..1b588d49ecfa6 100644
--- a/advisories/github-reviewed/2023/06/GHSA-c2qf-rxjj-qqgw/GHSA-c2qf-rxjj-qqgw.json
+++ b/advisories/github-reviewed/2023/06/GHSA-c2qf-rxjj-qqgw/GHSA-c2qf-rxjj-qqgw.json
@@ -1,17 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-c2qf-rxjj-qqgw",
-  "modified": "2023-07-10T22:57:56Z",
+  "modified": "2023-07-10T22:57:58Z",
   "published": "2023-06-21T06:30:28Z",
   "aliases": [
     "CVE-2022-25883"
   ],
   "summary": "semver vulnerable to Regular Expression Denial of Service",
-  "details": "Versions of the package semver before 7.5.2 on the 7.x branch, before 6.3.1 on the 6.x branch, and all other versions before 5.7.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.",
+  "details": "Versions of the package semver before 7.5.2, patched in 7.5.3, on the 7.x branch, before 6.3.1 on the 6.x branch, and all other versions before 5.7.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.",
   "severity": [
     {
       "type": "CVSS_V3",
-      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
+      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L"
     }
   ],
   "affected": [
@@ -20,11 +20,6 @@
         "ecosystem": "npm",
         "name": "semver"
       },
-      "ecosystem_specific": {
-        "affected_functions": [
-          "semver.Range"
-        ]
-      },
       "ranges": [
         {
           "type": "ECOSYSTEM",
@@ -33,22 +28,20 @@
               "introduced": "7.0.0"
             },
             {
-              "fixed": "7.5.2"
+              "fixed": "7.5.4"
             }
           ]
         }
-      ]
+      ],
+      "database_specific": {
+        "last_known_affected_version_range": "< 7.5.2"
+      }
     },
     {
       "package": {
         "ecosystem": "npm",
         "name": "semver"
       },
-      "ecosystem_specific": {
-        "affected_functions": [
-          "semver.Range"
-        ]
-      },
       "ranges": [
         {
           "type": "ECOSYSTEM",
@@ -68,11 +61,6 @@
         "ecosystem": "npm",
         "name": "semver"
       },
-      "ecosystem_specific": {
-        "affected_functions": [
-          "semver.Range"
-        ]
-      },
       "ranges": [
         {
           "type": "ECOSYSTEM",