docs: CVE update 8 9 24 (#3567)

* Added 1 CVE for 8-9-24 * Added Official Summary to 8-9-24 CVE * docs: add CVE * docs: fix formatting issue * docs: adjust jest config * docs: remove jest changes * docs: remove redundant file * Update docs/docs-content/security-bulletins/reports/cve-2024-0743.md Co-authored-by: caroldelwing <[email protected]> --------- Co-authored-by: frederickjoi <[email protected]> Co-authored-by: Lenny Chen <[email protected]> Co-authored-by: caroldelwing <[email protected]>
spectrocloud · Aug 12, 2024 · 2d6c70f · 2d6c70f
1 parent 95d3f40
commit 2d6c70f
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 0 deletions.
diff --git a/docs/docs-content/security-bulletins/reports/cve-2024-0743.md b/docs/docs-content/security-bulletins/reports/cve-2024-0743.md
@@ -0,0 +1,34 @@
+---
+sidebar_label: "CVE-2024-0743"
+title: "CVE-2024-0743"
+description: "Lifecycle of CVE-2024-0743"
+hide_table_of_contents: true
+sidebar_class_name: "hide-from-sidebar"
+toc_max_heading_level: 2
+tags: ["security", "cve"]
+---
+
+## CVE Details
+
+[CVE-2024-0743](https://nvd.nist.gov/vuln/detail/CVE-2024-0743)
+
+## Last Update
+
+08/09/2024
+
+## NIST CVE Summary
+
+An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. This vulnerability
+affects Firefox < 122, Firefox ESR < 115.9, and Thunderbird < 115.9.
+
+## Our Official Summary
+
+Affected images are third party vSphere CSI drivers. Waiting for the upstream vendor to issue the fix.
+
+## CVE Severity
+
+[7.5](https://nvd.nist.gov/vuln/detail/CVE-2024-0743)
+
+## Status
+
+Ongoing
diff --git a/docs/docs-content/security-bulletins/reports/reports.md b/docs/docs-content/security-bulletins/reports/reports.md
@@ -53,4 +53,5 @@ Click on the CVE ID to view the full details of the vulnerability.
 | [CVE-2015-8855](./cve-2015-8855.md)             | 1/23/17          | 1/26/12       | Palette 4.4.11             | Third-party component: CAPI             | [7.5](https://nvd.nist.gov/vuln/detail/CVE-2015-8855)    | :mag: Ongoing |
 | [CVE-2024-24790](./cve-2024-24790.md)           | 8/6/24           | 8/6/24        | Palette 4.4.11             | Third-party component: Go Project       | [9.8](https://nvd.nist.gov/vuln/detail/CVE-2024-24790)   | :mag: Ongoing |
 | [GHSA-74fp-r6jw-h4mp](./ghsa-74fp-r6jw-h4mp)    | 8/6/24           | 8/6/24        | Palette 4.4.11             | Third-party component: GitHub           | [7.5](https://github.com/advisories/GHSA-74fp-r6jw-h4mp) | :mag: Ongoing |
+| [CVE-2024-0743](./cve-2024-0743.md)             | 08/09/24         | 08/09/24      | Palette 4.4.11             | Third-party component: TLS              | [7.5](https://nvd.nist.gov/vuln/detail/CVE-2024-0743)    | :mag: Ongoing |
 | [PRISMA-2022-0227](./prisma-2022-0227.md)       | 9/12/23          | 9/12/23       | Palette 4.4.11             | Third-party component: vSphere-CSI      | N/A                                                      | :mag: Ongoing |