[GHSA-j3q9-mxjg-w52f] path-to-regexp vulnerable to Denial of Service via sequential optional groups #7282
Hi there @UlisesGascon! A community member has suggested an improvement to your security advisory. If approved, this change will affect the global advisory listed at github.com/advisories. It will not affect the version listed in your project repository. This change will be reviewed by our Security Curation Team. If you have thoughts or feedback, please share them in a comment here! If this PR has already been closed, you can start a new community contribution for this advisory.
Pull request overview
Updates the GitHub-reviewed advisory record for GHSA-j3q9-mxjg-w52f (path-to-regexp DoS via sequential optional groups) by refreshing advisory metadata.
Changes:
- Updates the advisory `"modified"` timestamp to reflect the latest edit time.
Updates
Comments
The less "<8.4.0" was pinging all sorts of alerts for versions such as 6.3.* which shouldn't be vulnerable. Patch version should be the implied upper limit.