docs: CVEs fixed on 4.1.0 v2 (apache#31422)

preset-io · Dec 12, 2024 · 988da2c · 988da2c
1 parent f510f42
commit 988da2c
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/docs/docs/security/cves.mdx b/docs/docs/security/cves.mdx
@@ -9,6 +9,7 @@ sidebar_position: 2
 | CVE-2024-53947 | Improper SQL authorisation, parse for specific postgres functions                  |  < 4.1.0 |
 | CVE-2024-53948 | Error verbosity exposes metadata in analytics databases                            |  < 4.1.0 |
 | CVE-2024-53949 | Lower privilege users are able to create Role when FAB_ADD_SECURITY_API is enabled |  < 4.1.0 |
+| CVE-2024-55633 | SQLLab Improper readonly query validation allows unauthorized write access         |  < 4.1.0 |
 
 #### Version 4.0.2