-
Notifications
You must be signed in to change notification settings - Fork 37
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
* 10-14-24 cve updates * ci: auto-formatting prettier issues * chore: fix redirect --------- Co-authored-by: frederickjoi <[email protected]> Co-authored-by: Karl Cardenas <[email protected]> (cherry picked from commit 36ebec5) Co-authored-by: frederickjoi <[email protected]>
- Loading branch information
1 parent
be1216c
commit da67d29
Showing
107 changed files
with
1,749 additions
and
322 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
43 changes: 43 additions & 0 deletions
43
docs/docs-content/security-bulletins/reports/cve-2011-4116.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,43 @@ | ||
| --- | ||
| sidebar_label: "CVE-2011-4116" | ||
| title: "CVE-2011-4116" | ||
| description: "Lifecycle of CVE-2011-4116" | ||
| hide_table_of_contents: true | ||
| sidebar_class_name: "hide-from-sidebar" | ||
| toc_max_heading_level: 2 | ||
| tags: ["security", "cve"] | ||
| --- | ||
|
|
||
| ## CVE Details | ||
|
|
||
| [CVE-2011-4116](https://nvd.nist.gov/vuln/detail/CVE-2011-4116) | ||
|
|
||
| ## Last Update | ||
|
|
||
| 10/14/24 | ||
|
|
||
| ## NIST CVE Summary | ||
|
|
||
| \_is_safe in the File::Temp module for Perl does not properly handle symlinks. | ||
|
|
||
| ## Our Official Summary | ||
|
|
||
| Investigation is ongoing to determine how this vulnerability affects our products. | ||
|
|
||
| ## CVE Severity | ||
|
|
||
| [7.5](https://nvd.nist.gov/vuln/detail/CVE-2011-4116) | ||
|
|
||
| ## Status | ||
|
|
||
| Ongoing | ||
|
|
||
| ## Affected Products & Versions | ||
|
|
||
| - Palette Enterprise 4.5.3 | ||
| - Palette VerteX 4.5.3 | ||
|
|
||
| ## Revision History | ||
|
|
||
| - 1.0 10/14/24 Initial Publication | ||
| - 2.0 10/14/2024 Added Palette Enterprise & Palette VerteX 4.5.3 to Affected Products |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
46 changes: 46 additions & 0 deletions
46
docs/docs-content/security-bulletins/reports/cve-2018-6829.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,46 @@ | ||
| --- | ||
| sidebar_label: "CVE-2018-6829" | ||
| title: "CVE-2018-6829" | ||
| description: "Lifecycle of CVE-2018-6829" | ||
| hide_table_of_contents: true | ||
| sidebar_class_name: "hide-from-sidebar" | ||
| toc_max_heading_level: 2 | ||
| tags: ["security", "cve"] | ||
| --- | ||
|
|
||
| ## CVE Details | ||
|
|
||
| [CVE-2018-6829](https://nvd.nist.gov/vuln/detail/CVE-2018-6829) | ||
|
|
||
| ## Last Update | ||
|
|
||
| 10/14/24 | ||
|
|
||
| ## NIST CVE Summary | ||
|
|
||
| Cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, | ||
| which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic | ||
| security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for | ||
| Libgcrypt's ElGamal implementation. | ||
|
|
||
| ## Our Official Summary | ||
|
|
||
| Investigation is ongoing to determine how this vulnerability affects our products. | ||
|
|
||
| ## CVE Severity | ||
|
|
||
| [7.5](https://nvd.nist.gov/vuln/detail/CVE-2018-6829) | ||
|
|
||
| ## Status | ||
|
|
||
| Ongoing | ||
|
|
||
| ## Affected Products & Versions | ||
|
|
||
| - Palette Enterprise 4.5.3 | ||
| - Palette VerteX 4.5.3 | ||
|
|
||
| ## Revision History | ||
|
|
||
| - 1.0 10/14/24 Initial Publication | ||
| - 2.0 10/14/2024 Added Palette Enterprise & Palette VerteX 4.5.3 to Affected Products |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.