From 704a1b52713c469053f413e17f0fd67737856f45 Mon Sep 17 00:00:00 2001
From: Felix Geyer <felix.geyer@credativ.de>
Date: Fri, 7 Nov 2025 09:37:08 +0100
Subject: [PATCH] Withdraw PYSEC-2023-121

The referenced vulnerability affects the zstd command line tool only.

The fix in zstd touches files in programs/, none in lib/:
https://github.com/facebook/zstd/pull/3220
---
 vulns/zstd/PYSEC-2023-121.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/vulns/zstd/PYSEC-2023-121.yaml b/vulns/zstd/PYSEC-2023-121.yaml
index f31fae9b5..4427b75e2 100644
--- a/vulns/zstd/PYSEC-2023-121.yaml
+++ b/vulns/zstd/PYSEC-2023-121.yaml
@@ -1,6 +1,7 @@
 id: PYSEC-2023-121
 modified: 2023-07-25T16:31:58.309647Z
 published: 2023-03-31T20:15:00Z
+withdrawn: 2025-11-07T08:36:08Z
 aliases:
 - CVE-2022-4899
 details: A vulnerability was found in zstd v1.4.10, where an attacker can supply empty