[BUG] Discrepancy between security reports?

[fragglet]

Is there an existing issue for this?

• I have searched the existing issues

Current Behavior

Hi, GHSA-rq77-p4h8-4crw on this repository says that 1.7.2 contains the fix for the vulnerability, but GO-2025-3607 says that 1.7.3 contains the fix. Since the v.1.7.3 release announcement references the vulnerability, I assume that the GHSA advisory is incorrect and should be fixed?

Expected Behavior

No response

Steps To Reproduce

No response

Anything else?

No response

[tommydehaas]

@apoorvajagtap I think this issue was fixed in 1.7.3, right? If so, could you update the advisory with a patched version and affected versions < 1.7.3?