Advisory GHSA-4pg4-qvpc-4q3h lists incorrect fixed version #5848
Description
I have noticed an issue with the details provided in the advisory GHSA-4pg4-qvpc-4q3h regarding the fixed version.
Look, this pr to fix vulnerability expressjs/multer#1177 is present in both v1.4.5-lts.2 and v2.0.0:
https://github.com/expressjs/multer/commits/v1.4.5-lts.2
https://github.com/expressjs/multer/commits/v2.0.0
So i think v1.4.5-lts.2 is not affected, also npm audit does not complain about it.
Could you please review and update the advisory to reflect the correct information? Thank you.