The yaml in the vulns folder seems to incorrectly associate pypi/json-logic with https://github.com/jwadhams/json-logic-js. Although it appears the pypi package is based off the Javascript library, these are two different repositories in two different languages.
Could the entry for PYSEC-2023-209 be removed form the database since this is not in regards to the same codebase?
In a recent Auto assign, PYSEC-2023-209 (https://github.com/pypa/advisory-database/blob/main/vulns/json-logic/PYSEC-2023-209.yaml) in regards to a re-analysis of CVE-2021-4329, however this is in regards to a Javascript version of this library.
The yaml in the vulns folder seems to incorrectly associate pypi/json-logic with https://github.com/jwadhams/json-logic-js. Although it appears the pypi package is based off the Javascript library, these are two different repositories in two different languages.
Could the entry for PYSEC-2023-209 be removed form the database since this is not in regards to the same codebase?