CVE-2024-56334 now fixed in 1.4.1

Signed-off-by: Nick Boldt <nboldt@redhat.com>
redhat-developer · Jan 15, 2025 · f7f017c · f7f017c
1 parent 462e8fb
commit f7f017c
Showing 1 changed file with 1 addition and 3 deletions.
diff --git a/modules/release-notes/list-fixed-security-issues-in-product-1.4.1.txt b/modules/release-notes/list-fixed-security-issues-in-product-1.4.1.txt
@@ -3,6 +3,4 @@ CVE-2024-56201, rhdh/rhdh-hub-rhel9: Jinja has a sandbox breakout through malici
 CVE-2024-56326, rhdh/rhdh-hub-rhel9: Jinja has a sandbox breakout through indirect reference to format method
 CVE-2024-55565, rhdh-hub-container: nanoid mishandles non-integer values
 CVE-2024-52798, rhdh-hub-container: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x
-
-# not yet fixed for 1.4.z
-# CVE-2024-56334, rhdh/rhdh-hub-rhel9: Command injection vulnerability in getWindowsIEEE8021x (SSID) function in systeminformation
+CVE-2024-56334, rhdh/rhdh-hub-rhel9: Command injection vulnerability in getWindowsIEEE8021x (SSID) function in systeminformation