From 0724d9e7ea34cb8ad9068ddf5bd94e4020a351c4 Mon Sep 17 00:00:00 2001
From: Antoine Arlaud <antoine@snyk.io>
Date: Tue, 27 Aug 2024 11:44:23 +0200
Subject: [PATCH] fix: add ws mitigated vuln info in security.md

---
 SECURITY.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/SECURITY.md b/SECURITY.md
index 4177af715..56c495ce8 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -22,3 +22,4 @@ Please do not log security concerns as GitHub issues, as that could alert attack
 | [CVE-2020-7652](https://snyk.io/vuln/SNYK-JS-SNYKBROKER-570611) | < 4.80.0 | Allows arbitrary file reads by renaming files to match whitelisted paths | Wing Chan of The Hut Group |
 | [CVE-2020-7653](https://snyk.io/vuln/SNYK-JS-SNYKBROKER-570612) | < 4.80.0 | Allows arbitrary file reads by creating symlinks to match whitelisted paths | Wing Chan of The Hut Group |
 | [CVE-2020-7654](https://snyk.io/vuln/SNYK-JS-SNYKBROKER-570613) | <= 4.73.0 | Logs private keys if logging level is set to DEBUG | Wing Chan of The Hut Group |
+| [CVE-2024-37890](https://security.snyk.io/vuln/SNYK-JS-WS-7266574) | <= 4.191.0 | Denial of Service negligible risk for Broker use case. Mitigated from 4.191.1 | Ryan LaPointe |