iop
/
superset
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docs: CVEs fixed on 4.1.0 v2 (#31422)

This commit is contained in:
Daniel Vaz Gaspar 2024-12-12 18:48:54 +00:00 committed by GitHub
parent f510f42b96
commit 988da2c477
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
docs/docs/security/cves.mdx
View File

@ -9,6 +9,7 @@ sidebar_position: 2
| CVE-2024-53947 | Improper SQL authorisation, parse for specific postgres functions | < 4.1.0 | | CVE-2024-53947 | Improper SQL authorisation, parse for specific postgres functions | < 4.1.0 |
| CVE-2024-53948 | Error verbosity exposes metadata in analytics databases | < 4.1.0 | | CVE-2024-53948 | Error verbosity exposes metadata in analytics databases | < 4.1.0 |
| CVE-2024-53949 | Lower privilege users are able to create Role when FAB_ADD_SECURITY_API is enabled | < 4.1.0 | | CVE-2024-53949 | Lower privilege users are able to create Role when FAB_ADD_SECURITY_API is enabled | < 4.1.0 |
| CVE-2024-55633 | SQLLab Improper readonly query validation allows unauthorized write access | < 4.1.0 |
#### Version 4.0.2 #### Version 4.0.2