GHSA-qmq6-f8pr-cx5x: Duplicate Advisory: uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided

April 23, 2026 (updated May 5, 2026)

This advisory has been withdrawn.

References

github.com/advisories/GHSA-qmq6-f8pr-cx5x
github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34
github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq
nvd.nist.gov/vuln/detail/CVE-2026-41988

Code Behaviors & Features

Detect and mitigate GHSA-qmq6-f8pr-cx5x with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →