Data quality issue with several MAL advisories

Examples:
- `ngx-toastr`: GH advisory affected versions[>= 19.0.1, <= 19.0.2](https://github.com/advisories/GHSA-qp89-vf7f-22w4) vs OSV.dev affected [all versions](https://osv.dev/vulnerability/MAL-2025-47199)
- `@ctrl/tinycolor`: GH advisory affected versions [>= 4.1.1, <= 4.1.2](https://github.com/advisories/GHSA-qjqf-7j6f-82c4) vs OSV.dev affected [all versions](https://osv.dev/vulnerability/MAL-2025-47141)
- `@ctrl/deluge`: GH advisory affected versions [>= 7.2.1, <= 7.2.2](https://github.com/advisories/GHSA-wv45-cmjw-6456) vs OSV.dev affected [all versions](https://osv.dev/vulnerability/MAL-2025-47131)

**Describe the data quality issue observed**
There is a discrepancy with the data ingested from GH advisories, apparently at least this [commit](https://github.com/ossf/malicious-packages/commits/4052035235ac8a92985f46b05626506b9f3d7a11) is wrongly assigning `"introduced": "0"` (all versions are vulnerable) to packages where specific versions where subject to compromise.

**Suggested changes to record**
Fix the items, and assign the proper version / ranges

**Additional context**
I'm unaware if the situation is only related to this commit or if is there any others MAL records having the same problem.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Data quality issue with several MAL advisories #3960

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Data quality issue with several MAL advisories #3960

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions