From e82aae46e47a19dc2dc6e2502c5728701b33e43e Mon Sep 17 00:00:00 2001
From: Dave Quinlan <83430497+daveqnet@users.noreply.github.com>
Date: Mon, 1 Jul 2024 11:18:29 +0100
Subject: [PATCH] docs: update 2.39.1 changelog to include CVE-2024-38537

---
 CHANGELOG.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3b23da9251..4642037278 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -42,6 +42,9 @@ The types of changes are:
 ### Removed
 - Removed the `fetch` polyfill from FidesJS [#5026](https://github.com/ethyca/fides/pull/5026)
 
+### Security
+- Removed FidesJS's exposure to `polyfill.io` supply chain attack [CVE-2024-38537](https://github.com/ethyca/fides/security/advisories/GHSA-cvw4-c69g-7v7m)
+
 ## [2.39.0](https://github.com/ethyca/fides/compare/2.38.1...2.39.0)
 
 ### Added