Prebid.js - specifying malware report scope

[Saigredan]

Hey,

According to GHSA-4hjx-fhh8-vr6j, all of Prebid.js versions seems to be affected, which may not be true.

https://nvd.nist.gov/vuln/detail/CVE-2025-59038 in this report we can find that issue is related to 10.9.2 version, in some other sources you can also find that 10.9.1 was affected as well. Also it says that 10.10.0 fixes it which was confirmed by Prebid.js.

Could these details be specified within GHSA-4hjx-fhh8-vr6j, as it impacts audits on all versions?

All best,

[JonathanLEvans]

We have withdrawn GHSA-4hjx-fhh8-vr6j in favor of the maintainer's advisory (GHSA-jwq7-6j4r-2f92).