Skip to main content
Version: 24.1.x

Security Bulletins

Dremio publishes security bulletins that disclose vulnerabilities found in our supported products to inform customers about risks that may be present in their production environments.

Security bulletins are usually published when fixes are available in the affected products. In some cases, we may disclose a vulnerability before the fix is available.

Security bulletins include the following information:

  • Type
  • Qualitative rating as determined by CVSSv3.1 analysis
  • Issue description
  • Issue impact
  • Available mitigations or fixes
BulletinTypeCVSS RatingSubjectDescription
2023-07-22-01VulnerabilityMediumSecurity UpdatePotential unintended user access to restricted data as a result of previously-executed cached plans.
2023-07-22-02VulnerabilityMediumSecurity UpdatePotential unintended user access to restricted data as a result of accelerated DML operation.
2023-07-22-03VulnerabilityMediumSecurity UpdatePotential unintended user access to restricted data as a result of previously cached view.