Publish Advisories

advisory-database[bot] · advisory-database[bot] · commit 04998d03f9a7 · 2026-01-23T22:55:10.000Z
GHSA-gq4h-f254-7cw9 GHSA-7fpj-wc8v-9cgc
diff --git a/advisories/github-reviewed/2021/08/GHSA-gq4h-f254-7cw9/GHSA-gq4h-f254-7cw9.json b/advisories/github-reviewed/2021/08/GHSA-gq4h-f254-7cw9/GHSA-gq4h-f254-7cw9.json
@@ -1,11 +1,12 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-gq4h-f254-7cw9",
-  "modified": "2023-06-13T21:53:00Z",
+  "modified": "2026-01-23T22:53:30Z",
   "published": "2021-08-25T21:00:34Z",
+  "withdrawn": "2026-01-23T22:53:29Z",
   "aliases": [],
-  "summary": "Data races in ticketed_lock",
-  "details": "Affected versions of this crate unconditionally implemented `Send` for `ReadTicket<T>` & `WriteTicket<T>`.\nThis allows to send non-Send `T` to other threads.\n\nThis can allows creating data races by cloning types with internal mutability and sending them to other threads (as `T` of `ReadTicket<T>`/`WriteTicket<T>`). Such data races can cause memory corruption or other undefined behavior.\n\nThe flaw was corrected in commit `a986a93` by adding `T: Send` bounds to `Send` impls of `ReadTicket<T>`/`WriteTicket<T>`.\n",
+  "summary": "Duplicate Advisory: Data races in ticketed_lock",
+  "details": "## Duplicate Advisory\nThis advisory has been withdrawn because it is a duplicate of GHSA-77m6-x95j-75r5. This link is maintained to preserve external references.\n\n## Original Description\nAffected versions of this crate unconditionally implemented `Send` for `ReadTicket<T>` & `WriteTicket<T>`.\nThis allows to send non-Send `T` to other threads.\n\nThis can allows creating data races by cloning types with internal mutability and sending them to other threads (as `T` of `ReadTicket<T>`/`WriteTicket<T>`). Such data races can cause memory corruption or other undefined behavior.\n\nThe flaw was corrected in commit `a986a93` by adding `T: Send` bounds to `Send` impls of `ReadTicket<T>`/`WriteTicket<T>`.",
   "severity": [
     {
       "type": "CVSS_V3",
diff --git a/advisories/github-reviewed/2024/05/GHSA-7fpj-wc8v-9cgc/GHSA-7fpj-wc8v-9cgc.json b/advisories/github-reviewed/2024/05/GHSA-7fpj-wc8v-9cgc/GHSA-7fpj-wc8v-9cgc.json
@@ -1,11 +1,12 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-7fpj-wc8v-9cgc",
-  "modified": "2024-05-30T13:12:13Z",
+  "modified": "2026-01-23T22:53:11Z",
   "published": "2024-05-30T13:12:13Z",
+  "withdrawn": "2026-01-23T22:53:11Z",
   "aliases": [],
-  "summary": "terminal42/contao-tablelookupwizard possible SQL injection in widget field value",
-  "details": "## Impact\nThe currently selected widget values were not correctly sanitized before passing it to the database, leading to an SQL injection possibility.\n\n## Patches\nThe issue has been patched in tablelookupwizard version 3.3.5 and version 4.0.0.\n\n## For more information\nIf you have any questions or comments about this advisory:\n\n- Open an issue in https://github.com/terminal42/contao-tablelookupwizard\n- Email us at info@terminal42.ch",
+  "summary": "Duplicate Advisory: terminal42/contao-tablelookupwizard possible SQL injection in widget field value",
+  "details": "## Duplicate Advisory\nThis advisory has been withdrawn because it is a duplicate of GHSA-v3mr-gp7j-pw5w. This link is maintained to preserve external references.\n\n## Original Description\n## Impact\nThe currently selected widget values were not correctly sanitized before passing it to the database, leading to an SQL injection possibility.\n\n## Patches\nThe issue has been patched in tablelookupwizard version 3.3.5 and version 4.0.0.\n\n## For more information\nIf you have any questions or comments about this advisory:\n\n- Open an issue in https://github.com/terminal42/contao-tablelookupwizard\n- Email us at info@terminal42.ch",
   "severity": [
     {
       "type": "CVSS_V3",
