This is an automated email from the ASF dual-hosted git repository.
dpgaspar pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/superset.git
The following commit(s) were added to refs/heads/master by this push:
new 988da2c477 docs: CVEs fixed on 4.1.0 v2 (#31422)
988da2c477 is described below
commit 988da2c4778b5c69427dde29b01ba9e9500ac954
Author: Daniel Vaz Gaspar <[email protected]>
AuthorDate: Thu Dec 12 18:48:54 2024 +0000
docs: CVEs fixed on 4.1.0 v2 (#31422)
---
docs/docs/security/cves.mdx | 1 +
1 file changed, 1 insertion(+)
diff --git a/docs/docs/security/cves.mdx b/docs/docs/security/cves.mdx
index 6db102b8f4..778cb72ab7 100644
--- a/docs/docs/security/cves.mdx
+++ b/docs/docs/security/cves.mdx
@@ -9,6 +9,7 @@ sidebar_position: 2
| CVE-2024-53947 | Improper SQL authorisation, parse for specific postgres
functions | < 4.1.0 |
| CVE-2024-53948 | Error verbosity exposes metadata in analytics databases
| < 4.1.0 |
| CVE-2024-53949 | Lower privilege users are able to create Role when
FAB_ADD_SECURITY_API is enabled | < 4.1.0 |
+| CVE-2024-55633 | SQLLab Improper readonly query validation allows
unauthorized write access | < 4.1.0 |
#### Version 4.0.2
