diff --git a/advisories/github-reviewed/2026/02/GHSA-378v-28hj-76wf/GHSA-378v-28hj-76wf.json b/advisories/github-reviewed/2026/02/GHSA-378v-28hj-76wf/GHSA-378v-28hj-76wf.json index a03ceb51fe956..eee8677247bc7 100644 --- a/advisories/github-reviewed/2026/02/GHSA-378v-28hj-76wf/GHSA-378v-28hj-76wf.json +++ b/advisories/github-reviewed/2026/02/GHSA-378v-28hj-76wf/GHSA-378v-28hj-76wf.json @@ -1,7 +1,7 @@ { "schema_version": "1.4.0", "id": "GHSA-378v-28hj-76wf", - "modified": "2026-02-20T21:18:31Z", + "modified": "2026-02-22T09:18:32Z", "published": "2026-02-20T06:30:39Z", "aliases": [ "CVE-2026-2739" @@ -36,7 +36,32 @@ } ] } - ] + ], + "database_specific": { + "last_known_affected_version_range": "< 5.2.3" + } + }, + { + "package": { + "ecosystem": "npm", + "name": "bn.js" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "4.12.3" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "< 4.12.3" + } } ], "references": [ @@ -60,6 +85,10 @@ "type": "WEB", "url": "https://github.com/indutny/bn.js/commit/33df26b5771e824f303a79ec6407409376baa64b" }, + { + "type": "WEB", + "url": "https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6" + }, { "type": "WEB", "url": "https://gist.github.com/Kr0emer/02370d18328c28b5dd7f9ac880d22a91" @@ -72,6 +101,10 @@ "type": "WEB", "url": "https://github.com/indutny/bn.js/releases/tag/v5.2.3" }, + { + "type": "WEB", + "url": "https://github.com/indutny/bn.js/releases/tag/v4.12.3" + }, { "type": "WEB", "url": "https://security.snyk.io/vuln/SNYK-JS-BNJS-15274301" @@ -86,4 +119,4 @@ "github_reviewed_at": "2026-02-20T21:18:31Z", "nvd_published_at": "2026-02-20T05:17:53Z" } -} \ No newline at end of file +}