spectrocloud · karl-cardenas-coding · Oct 16, 2024 · Oct 14, 2024 · Oct 14, 2024 · Oct 15, 2024
@@ -35,10 +35,13 @@ Ongoing
 
 ## Affected Products & Versions
 
-- Palette VerteX 4.4.14
+- Palette VerteX airgap 4.4.14
+- Palette VerteX 4.5.3
+- Palette Enterprise 4.5.3
 
 ## Revision History
 
 - 1.0 08/16/2024 Initial Publication
-- 2.0 08/17/2024 Added Palette VerteX 4.4.14 to Affected Products
-- 3.0 09/25/2024 CVE remediated in Palette VerteX 4.4.18
+- 2.0 08/17/2024 Added Palette VerteX airgap 4.4.14 to Affected Products
+- 3.0 09/25/2024 CVE remediated in Palette VerteX airgap 4.4.18
+- 4.0 10/14/2024 Added Palette Enterprise & Palette VerteX 4.5.3 to Affected Products
@@ -0,0 +1,43 @@
+---
+sidebar_label: "CVE-2011-4116"
+title: "CVE-2011-4116"
+description: "Lifecycle of CVE-2011-4116"
+hide_table_of_contents: true
+sidebar_class_name: "hide-from-sidebar"
+toc_max_heading_level: 2
+tags: ["security", "cve"]
+---
+
+## CVE Details
+
+[CVE-2011-4116](https://nvd.nist.gov/vuln/detail/CVE-2011-4116)
+
+## Last Update
+
+10/14/24
+
+## NIST CVE Summary
+
+_is_safe in the File::Temp module for Perl does not properly handle symlinks.
+
+## Our Official Summary
+
+Investigation is ongoing to determine how this vulnerability affects our products.
+
+## CVE Severity
+
+[7.5](https://nvd.nist.gov/vuln/detail/CVE-2011-4116)
+
+## Status
+
+Ongoing
+
+## Affected Products & Versions
+
+- Palette Enterprise 4.5.3
+- Palette VerteX 4.5.3
+
+## Revision History
+
+- 1.0 10/14/24 Initial Publication
+- 2.0 10/14/2024 Added Palette Enterprise & Palette VerteX 4.5.3 to Affected Products
@@ -37,12 +37,15 @@ Ongoing
 
 ## Affected Products & Versions
 
-- Palette VerteX 4.4.14, 4.4.18, 4.5.3
-- Palette Enterprise 4.4.18, 4.5.3
+- Palette VerteX airgap 4.4.14, 4.4.18, 4.5.3
+- Palette Enterprise airgap 4.4.18, 4.5.3
+- Palette VerteX 4.5.3
+- Palette Enterprise 4.5.3 
 
 ## Revision History
 
 - 1.0 08/16/2024 Initial Publication
-- 2.0 08/17/2024 Added Palette VerteX 4.4.14 to Affected Products
-- 3.0 09/17/2024 Added Palette VerteX 4.4.18 & Palette Enterprise 4.4.18 to Affected Products
-- 4.0 10/10/2024 Added Palette VerteX 4.5.3 & Palette Enterprise 4.5.3 to Affected Products
+- 2.0 08/17/2024 Added Palette VerteX airgap 4.4.14 to Affected Products
+- 3.0 09/17/2024 Added Palette VerteX airgap 4.4.18 & Palette Enterprise airgap 4.4.18 to Affected Products
+- 4.0 10/10/2024 Added Palette VerteX airgap 4.5.3 & Palette Enterprise airgap 4.5.3 to Affected Products
+- 5.0 10/14/2024 Added Palette Enterprise & Palette VerteX 4.5.3 to Affected Products
@@ -37,10 +37,10 @@ Ongoing
 
 ## Affected Products & Versions
 
-- Palette VerteX 4.4.14
+- Palette VerteX airgap 4.4.14
 
 ## Revision History
 
 - 1.0 08/16/2024 Initial Publication
-- 2.0 08/17/2024 Added palette VerteX 4.4.14 to Affected Products
-- 3.0 09/25/2024 CVE remediated in Palette VerteX 4.4.18
+- 2.0 08/17/2024 Added Palette VerteX airgap 4.4.14 to Affected Products
+- 3.0 09/25/2024 CVE remediated in Palette VerteX airgap 4.4.18
@@ -36,9 +36,10 @@ Ongoing
 
 ## Affected Products & Versions
 
-- Palette VerteX 4.4.11
+- Palette VerteX airgap 4.4.11
 
 ## Revision History
 
 - 1.0 07/31/2024 Initial Publication
-- 2.0 08/17/2024 Remediated in Palette VerteX 4.4.14 -- 3.0 09/25/2024 Remediated in Palette VerteX 4.4.18
+- 2.0 08/17/2024 Remediated in Palette VerteX airgap 4.4.14 
+- 3.0 09/25/2024 Remediated in Palette VerteX airgap 4.4.18
@@ -34,10 +34,10 @@ Ongoing
 
 ## Affected Products & Versions
 
-- Palette VerteX 4.4.14
+- Palette VerteX airgap 4.4.14
 
 ## Revision History
 
 - 1.0 08/16/2024 Initial Publication
-- 2.0 08/17/2024 Added Palette VerteX 4.4.14 to Affected Products
-- 3.0 09/25/2024 CVE remediated in Palette VerteX 4.4.18
+- 2.0 08/17/2024 Added Palette VerteX airgap 4.4.14 to Affected Products
+- 3.0 09/25/2024 CVE remediated in Palette VerteX airgap 4.4.18
@@ -35,12 +35,15 @@ Ongoing
 
 ## Affected Products & Versions
 
-- Palette VerteX 4.4.14, 4.4.18, 4.5.3
-- Palette Enterprise 4.4.18, 4.5.3
+- Palette VerteX airgap 4.4.14, 4.4.18, 4.5.3
+- Palette Enterprise airgap 4.4.18, 4.5.3
+- Palette VerteX 4.5.3
+- Palette Enterprise 4.5.3 
 
 ## Revision History
 
 - 1.0 08/16/2024 Initial Publication
-- 2.0 08/17/2024 Added Palette VerteX 4.4.14 to Affected Products
-- 3.0 09/17/2024 Added Palette VerteX 4.4.18 & Palette Enterprise 4.4.18 to Affected Products
-- 4.0 10/10/2024 Added Palette VerteX 4.5.3 & Palette Enterprise 4.5.3 to Affected Products
+- 2.0 08/17/2024 Added Palette VerteX airgap 4.4.14 to Affected Products
+- 3.0 09/17/2024 Added Palette VerteX airgap 4.4.18 & Palette Enterprise airgap 4.4.18 to Affected Products
+- 4.0 10/10/2024 Added Palette VerteX airgap 4.5.3 & Palette Enterprise airgap 4.5.3 to Affected Products
+- 5.0 10/14/2024 Added Palette Enterprise & Palette VerteX 4.5.3 to Affected Products
@@ -35,12 +35,15 @@ Ongoing
 
 ## Affected Products & Versions
 
-- Palette VerteX 4.4.14, 4.4.18, 4.5.3
-- Palette Enterprise 4.4.18, 4.5.3
+- Palette VerteX airgap 4.4.14, 4.4.18, 4.5.3
+- Palette Enterprise airgap 4.4.18, 4.5.3
+- Palette VerteX 4.5.3
+- Palette Enterprise 4.5.3 
 
 ## Revision History
 
 - 1.0 08/16/2024 Initial Publication
-- 2.0 08/17/2024 Added Palette VerteX 4.4.14 to Affected Products
-- 3.0 09/17/2024 Added Palette VerteX 4.4.18 & Palette Enterprise 4.4.18 to Affected Products
-- 4.0 10/10/2024 Added Palette VerteX 4.5.3 & Palette Enterprise 4.5.3 to Affected Products
+- 2.0 08/17/2024 Added Palette VerteX airgap 4.4.14 to Affected Products
+- 3.0 09/17/2024 Added Palette VerteX airgap 4.4.18 & Palette Enterprise airgap 4.4.18 to Affected Products
+- 4.0 10/10/2024 Added Palette VerteX airgap 4.5.3 & Palette Enterprise airgap 4.5.3 to Affected Products
+- 5.0 10/14/2024 Added Palette Enterprise & Palette VerteX 4.5.3 to Affected Products
@@ -38,10 +38,10 @@ Ongoing
 
 ## Affected Products & Versions
 
-- Palette VerteX 4.4.14
+- Palette VerteX airgap 4.4.14
 
 ## Revision History
 
 - 1.0 08/16/2024 Initial Publication
-- 2.0 08/17/2024 Added Palette VerteX 4.4.14 to Affected Products
-- 3.0 09/25/2024 CVE remediated in Palette VerteX 4.4.18
+- 2.0 08/17/2024 Added Palette VerteX airgap 4.4.14 to Affected Products
+- 3.0 09/25/2024 CVE remediated in Palette VerteX airgap 4.4.18
@@ -36,12 +36,15 @@ Ongoing
 
 ## Affected Products & Versions
 
-- Palette VerteX 4.4.14, 4.4.18, 4.5.3
-- Palette Enterprise 4.4.18, 4.5.3
+- Palette VerteX airgap 4.4.14, 4.4.18, 4.5.3
+- Palette Enterprise airgap 4.4.18, 4.5.3
+- Palette VerteX 4.5.3
+- Palette Enterprise 4.5.3 
 
 ## Revision History
 
 - 1.0 08/16/2024 Initial Publication
-- 2.0 08/17/2024 Added Palette VerteX 4.4.14 to Affected Products
-- 3.0 09/17/2024 Added Palette VerteX 4.4.18 & Palette Enterprise 4.4.18 to Affected Products
-- 4.0 10/10/2024 Added Palette VerteX 4.5.3 & Palette Enterprise 4.5.3 to Affected Products
+- 2.0 08/17/2024 Added Palette VerteX airgap 4.4.14 to Affected Products
+- 3.0 09/17/2024 Added Palette VerteX airgap 4.4.18 & Palette Enterprise airgap 4.4.18 to Affected Products
+- 4.0 10/10/2024 Added Palette VerteX airgap 4.5.3 & Palette Enterprise airgap 4.5.3 to Affected Products
+- 5.0 10/14/2024 Added Palette Enterprise & Palette VerteX 4.5.3 to Affected Products
@@ -38,12 +38,15 @@ Ongoing
 
 ## Affected Products & Versions
 
-- Palette VerteX 4.4.14, 4.4.18, 4.5.3
-- Palette Enterprise 4.4.18, 4.5.3
+- Palette VerteX airgap 4.4.14, 4.4.18, 4.5.3
+- Palette Enterprise airgap 4.4.18, 4.5.3
+- Palette VerteX 4.5.3
+- Palette Enterprise 4.5.3 
 
 ## Revision History
 
 - 1.0 08/16/2024 Initial Publication
-- 2.0 08/17/2024 Added Palette VerteX 4.4.14 to Affected Products
-- 3.0 09/17/2024 Added Palette VerteX 4.4.18 & Palette Enterprise 4.4.18 to Affected Products
-- 4.0 10/10/2024 Added Palette VerteX 4.5.3 & Palette Enterprise 4.5.3 to Affected Products
+- 2.0 08/17/2024 Added Palette VerteX airgap 4.4.14 to Affected Products
+- 3.0 09/17/2024 Added Palette VerteX airgap 4.4.18 & Palette Enterprise airgap 4.4.18 to Affected Products
+- 4.0 10/10/2024 Added Palette VerteX airgap 4.5.3 & Palette Enterprise airgap 4.5.3 to Affected Products
+- 5.0 10/14/2024 Added Palette Enterprise & Palette VerteX 4.5.3 to Affected Products
@@ -36,12 +36,15 @@ Ongoing
 
 ## Affected Products & Versions
 
-- Palette VerteX 4.4.14, 4.4.18, 4.5.3
-- Palette Enterprise 4.4.18, 4.5.3
+- Palette VerteX airgap 4.4.14, 4.4.18, 4.5.3
+- Palette Enterprise airgap 4.4.18, 4.5.3
+- Palette VerteX 4.5.3
+- Palette Enterprise 4.5.3 
 
 ## Revision History
 
 - 1.0 08/16/2024 Initial Publication
-- 2.0 08/17/2024 Added Palette VerteX 4.4.14 to Affected Products
-- 3.0 09/17/2024 Added Palette VerteX 4.4.18 & Palette Enterprise 4.4.18 to Affected Products
-- 4.0 10/10/2024 Added Palette VerteX 4.5.3 & Palette Enterprise 4.5.3 to Affected Products
+- 2.0 08/17/2024 Added Palette VerteX airgap 4.4.14 to Affected Products
+- 3.0 09/17/2024 Added Palette VerteX airgap 4.4.18 & Palette Enterprise airgap 4.4.18 to Affected Products
+- 4.0 10/10/2024 Added Palette VerteX airgap 4.5.3 & Palette Enterprise airgap 4.5.3 to Affected Products
+- 5.0 10/14/2024 Added Palette Enterprise & Palette VerteX 4.5.3 to Affected Products
@@ -0,0 +1,43 @@
+---
+sidebar_label: "CVE-2018-6829"
+title: "CVE-2018-6829"
+description: "Lifecycle of CVE-2018-6829"
+hide_table_of_contents: true
+sidebar_class_name: "hide-from-sidebar"
+toc_max_heading_level: 2
+tags: ["security", "cve"]
+---
+
+## CVE Details
+
+[CVE-2018-6829](https://nvd.nist.gov/vuln/detail/CVE-2018-6829)
+
+## Last Update
+
+10/14/24
+
+## NIST CVE Summary
+
+Cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.
+
+## Our Official Summary
+
+Investigation is ongoing to determine how this vulnerability affects our products.
+
+## CVE Severity
+
+[7.5](https://nvd.nist.gov/vuln/detail/CVE-2018-6829)
+
+## Status
+
+Ongoing
+
+## Affected Products & Versions
+
+- Palette Enterprise 4.5.3
+- Palette VerteX 4.5.3
+
+## Revision History
+
+- 1.0 10/14/24 Initial Publication
+- 2.0 10/14/2024 Added Palette Enterprise & Palette VerteX 4.5.3 to Affected Products
@@ -36,12 +36,15 @@ Ongoing
 
 ## Affected Products & Versions
 
-- Palette VerteX 4.4.14, 4.4.18, 4.5.3
-- Palette Enterprise 4.4.18, 4.5.3
+- Palette VerteX airgap 4.4.14, 4.4.18, 4.5.3
+- Palette Enterprise airgap 4.4.18, 4.5.3
+- Palette VerteX 4.5.3
+- Palette Enterprise 4.5.3 
 
 ## Revision History
 
 - 1.0 08/16/2024 Initial Publication
-- 2.0 08/17/2024 Added Palette VerteX 4.4.14 to Affected Products
-- 3.0 09/17/2024 Added Palette VerteX 4.4.18 & Palette Enterprise 4.4.18 to Affected Products
-- 4.0 10/10/2024 Added Palette VerteX 4.5.3 & Palette Enterprise 4.5.3 to Affected Products
+- 2.0 08/17/2024 Added Palette VerteX airgap 4.4.14 to Affected Products
+- 3.0 09/17/2024 Added Palette VerteX airgap 4.4.18 & Palette Enterprise airgap 4.4.18 to Affected Products
+- 4.0 10/10/2024 Added Palette VerteX airgap 4.5.3 & Palette Enterprise airgap 4.5.3 to Affected Products
+- 5.0 10/14/2024 Added Palette Enterprise & Palette VerteX 4.5.3 to Affected Products
@@ -34,12 +34,15 @@ Ongoing
 
 ## Affected Products & Versions
 
-- Palette VerteX 4.4.14, 4.4.18, 4.5.3
-- Palette Enterprise 4.4.18, 4.5.3
+- Palette VerteX airgap 4.4.14, 4.4.18, 4.5.3
+- Palette Enterprise airgap 4.4.18, 4.5.3
+- Palette VerteX 4.5.3
+- Palette Enterprise 4.5.3 
 
 ## Revision History
 
 - 1.0 08/16/2024 Initial Publication
-- 2.0 08/17/2024 Added Palette VerteX 4.4.14 to Affected Products
-- 3.0 09/17/2024 Added Palette VerteX 4.4.18 & Palette Enterprise 4.4.18 to Affected Products
-- 4.0 10/10/2024 Added Palette VerteX 4.5.3 & Palette Enterprise 4.5.3 to Affected Products
+- 2.0 08/17/2024 Added Palette VerteX airgap 4.4.14 to Affected Products
+- 3.0 09/17/2024 Added Palette VerteX airgap 4.4.18 & Palette Enterprise airgap 4.4.18 to Affected Products
+- 4.0 10/10/2024 Added Palette VerteX airgap 4.5.3 & Palette Enterprise airgap 4.5.3 to Affected Products
+- 5.0 10/14/2024 Added Palette Enterprise & Palette VerteX 4.5.3 to Affected Products
@@ -36,9 +36,12 @@ Ongoing
 
 ## Affected Products & Versions
 
-- Palette VerteX 4.4.14
+- Palette VerteX airgap 4.4.14
+- Palette VerteX 4.5.3
+- Palette Enterprise 4.5.3 
 
 ## Revision History
 
 - 1.0 08/16/2024 Initial Publication
-- 2.0 08/17/2024 Added palette VerteX 4.4.14 to Affected Products
+- 2.0 08/17/2024 Added Palette VerteX airgap 4.4.14 to Affected Products
+- 3.0 10/14/2024 Added Palette VerteX & Palette Enterptise 4.5.3 to Affected Products
@@ -35,10 +35,13 @@ Ongoing
 
 ## Affected Products & Versions
 
-- Palette VerteX 4.4.14
+- Palette VerteX airgap 4.4.14
+- Palette VerteX 4.5.3
+- Palette Enterprise 4.5.3 
 
 ## Revision History
 
 - 1.0 08/16/2024 Initial Publication
 - 2.0 08/17/2024 Added palette VerteX 4.4.14 to Affected Products
 - 3.0 09/25/2024 CVE remediated in Palette VerteX 4.4.18
+- 4.0 10/14/2024 Added Palette VerteX & Palette Enterptise 4.5.3 to Affected Products