diff --git a/advisories/github-reviewed/2022/05/GHSA-gp2j-mg4w-2rh5/GHSA-gp2j-mg4w-2rh5.json b/advisories/github-reviewed/2022/05/GHSA-gp2j-mg4w-2rh5/GHSA-gp2j-mg4w-2rh5.json
index d7810aa565956..bcebd4ffcfe48 100644
--- a/advisories/github-reviewed/2022/05/GHSA-gp2j-mg4w-2rh5/GHSA-gp2j-mg4w-2rh5.json
+++ b/advisories/github-reviewed/2022/05/GHSA-gp2j-mg4w-2rh5/GHSA-gp2j-mg4w-2rh5.json
@@ -1,13 +1,13 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-gp2j-mg4w-2rh5",
-  "modified": "2023-09-06T20:12:50Z",
+  "modified": "2023-09-06T20:12:51Z",
   "published": "2022-05-24T17:17:04Z",
   "aliases": [
     "CVE-2020-7645"
   ],
   "summary": "chrome-launcher subject to OS Command Injection",
-  "details": "chrome-launcher prior to 0.13.2 is subject to OS Command Injection via the `$HOME` environment variable in Linux operating systems. This issue is patched in version 0.13.2.",
+  "details": "chrome-launcher prior to 0.13.2 is subject to OS Command Injection via the `$HOME` environment variable in Linux operating systems. This issue is patched in version 0.13.2.\n\n`0.10.6` is not affected despite falling between affected releases, because the npm tarball for that version is a broken publish and omits the vulnerable module entirely.",
   "severity": [
     {
       "type": "CVSS_V3",