If you are posting or editing a draft repository Security Advisory and the vulnerability impacts multiple packages and/or ecosystems, you can now identify all applicable affected products in the advisory.

In the past, users needed to publish multiple advisories for the same vulnerability because they could only select one ecosystem and package per advisory.

Add affected product