The advisory with the number GHSA-jhq6-gfmj-v8fx states that the affected versions are <1.5.35 and the patched version is 1.5.35.
However, the description states affected version is only up to 1.5.33 inclusive, the linked references contain the release notes for 1.5.34 which say that 1.5.34 contains the patch for this.
As there are no references showing that 1.5.34 is affected, too, I'd say the advisory version is wrong. This now leads to vulnerabilities showing up everywhere even though there are none because the patched version is used. Could you please fix this?
The advisory with the number GHSA-jhq6-gfmj-v8fx states that the affected versions are <1.5.35 and the patched version is 1.5.35.
However, the description states affected version is only up to 1.5.33 inclusive, the linked references contain the release notes for 1.5.34 which say that 1.5.34 contains the patch for this.
As there are no references showing that 1.5.34 is affected, too, I'd say the advisory version is wrong. This now leads to vulnerabilities showing up everywhere even though there are none because the patched version is used. Could you please fix this?