From aed6cfbc98ebccf1141f19b2e6632b2dca24601e Mon Sep 17 00:00:00 2001
From: Daniel Tschinder <code@tschinder.de>
Date: Mon, 11 May 2026 14:32:45 +0200
Subject: [PATCH] [GHSA-vpq2-c234-7xj6] @tootallnate/once vulnerable to
 Incorrect Control Flow Scoping

---
 .../GHSA-vpq2-c234-7xj6.json                  | 21 ++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

diff --git a/advisories/github-reviewed/2026/03/GHSA-vpq2-c234-7xj6/GHSA-vpq2-c234-7xj6.json b/advisories/github-reviewed/2026/03/GHSA-vpq2-c234-7xj6/GHSA-vpq2-c234-7xj6.json
index 20e8c946f840b..e406e4b9b1aa1 100644
--- a/advisories/github-reviewed/2026/03/GHSA-vpq2-c234-7xj6/GHSA-vpq2-c234-7xj6.json
+++ b/advisories/github-reviewed/2026/03/GHSA-vpq2-c234-7xj6/GHSA-vpq2-c234-7xj6.json
@@ -29,7 +29,7 @@
           "type": "ECOSYSTEM",
           "events": [
             {
-              "introduced": "0"
+              "introduced": "3.0.0"
             },
             {
               "fixed": "3.0.1"
@@ -37,6 +37,25 @@
           ]
         }
       ]
+    },
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "@tootallnate/once"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "2.0.1"
+            }
+          ]
+        }
+      ]
     }
   ],
   "references": [