Security Bulletin Changes #3120
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
✅ Deploy Preview for docs-spectrocloud ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
karl-cardenas-coding
added
backport-version-4-0
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
|
|
||
| | CVE ID | Initial Pub Date | Modified Date | Impacted Product & Version | Vulnerability Type | CVSS Severity | Status | | ||
| | ----------------------------------------------- | ---------------- | ------------- | -------------------------- | --------------------------------------- | -------------------------------------------------------- | ------------- | | ||
| | [CVE-2023-52425](./cve-2023-52425.md) | 02/04/2024 | 06/14/2024 | Palette 4.4.8 | Third-party component: vSphere-CSI | [7.5](https://nvd.nist.gov/vuln/detail/CVE-2023-52425) | :mag: Ongoing | |
There was a problem hiding this comment.
🚫 [vale] reported by reviewdog 🐶
[Google.DateFormat] Use 'July 31, 2016' format, not '02/04/2024'.
|
|
||
| | CVE ID | Initial Pub Date | Modified Date | Impacted Product & Version | Vulnerability Type | CVSS Severity | Status | | ||
| | ----------------------------------------------- | ---------------- | ------------- | -------------------------- | --------------------------------------- | -------------------------------------------------------- | ------------- | | ||
| | [CVE-2023-52425](./cve-2023-52425.md) | 02/04/2024 | 06/14/2024 | Palette 4.4.8 | Third-party component: vSphere-CSI | [7.5](https://nvd.nist.gov/vuln/detail/CVE-2023-52425) | :mag: Ongoing | |
There was a problem hiding this comment.
🚫 [vale] reported by reviewdog 🐶
[Google.DateFormat] Use 'July 31, 2016' format, not '06/14/2024'.
|
|
||
| | CVE ID | Last Update | NIST CVE Summary | Our Official Summary | CVE Severity | Status | | ||
| | ----------------------------------------------------------------- | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------- | ------------------------------------------------------ | ------- | | ||
| | [CVE-2023-52425](https://nvd.nist.gov/vuln/detail/CVE-2023-52425) | 7/16/24 | libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed. | The CVE is reported in vsphere-csi 3.2.0. | [7.5](https://nvd.nist.gov/vuln/detail/CVE-2023-52425) | Ongoing | |
There was a problem hiding this comment.
🚫 [vale] reported by reviewdog 🐶
[Vale.Spelling] Did you really mean 'libexpat'?
|
|
||
| | CVE ID | Last Update | NIST CVE Summary | Our Official Summary | CVE Severity | Status | | ||
| | ----------------------------------------------------------------- | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------- | ------------------------------------------------------ | ------- | | ||
| | [CVE-2023-52425](https://nvd.nist.gov/vuln/detail/CVE-2023-52425) | 7/16/24 | libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed. | The CVE is reported in vsphere-csi 3.2.0. | [7.5](https://nvd.nist.gov/vuln/detail/CVE-2023-52425) | Ongoing | |
There was a problem hiding this comment.
🚫 [vale] reported by reviewdog 🐶
[Vale.Spelling] Did you really mean 'reparsings'?
|
|
||
| | CVE ID | Last Update | NIST CVE Summary | Our Official Summary | CVE Severity | Status | | ||
| | ----------------------------------------------------------------- | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------- | ------------------------------------------------------ | ------- | | ||
| | [CVE-2023-52425](https://nvd.nist.gov/vuln/detail/CVE-2023-52425) | 7/16/24 | libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed. | The CVE is reported in vsphere-csi 3.2.0. | [7.5](https://nvd.nist.gov/vuln/detail/CVE-2023-52425) | Ongoing | |
There was a problem hiding this comment.
🚫 [vale] reported by reviewdog 🐶
[Vale.Terms] Use 'vSphere' instead of 'vsphere'.
vault-token-factory-spectrocloud bot
pushed a commit
that referenced
this pull request
Jul 17, 2024
* docs: DOC-1241 * docs: draft * chore: updated with link * docs: updated disclosures * docs: updated * chore: updated * docs: updated * docs: updates * chore: updates * chore: fix * chore: missing URLs * chore: updated prettier to exclude cve-page * chore: added N/A versus leaving blank * docs: updated CVEs * docs: update * docs: added airgap * docs: fixed minor issue * docs: fix broken URL * docs: updated intro langugae (cherry picked from commit 9bbd508)
💔 Some backports could not be created
Note: Successful backport PRs will be merged automatically after passing CI. Manual backportTo create the backport manually run: Questions ?Please refer to the Backport tool documentation and see the Github Action logs for details |
vault-token-factory-spectrocloud bot
added a commit
that referenced
this pull request
Jul 17, 2024
* docs: DOC-1241 * docs: draft * chore: updated with link * docs: updated disclosures * docs: updated * chore: updated * docs: updated * docs: updates * chore: updates * chore: fix * chore: missing URLs * chore: updated prettier to exclude cve-page * chore: added N/A versus leaving blank * docs: updated CVEs * docs: update * docs: added airgap * docs: fixed minor issue * docs: fix broken URL * docs: updated intro langugae (cherry picked from commit 9bbd508) Co-authored-by: Karl Cardenas <29551334+karl-cardenas-coding@users.noreply.github.com>
karl-cardenas-coding
added a commit
that referenced
this pull request
Jul 17, 2024
* docs: DOC-1241 * docs: draft * chore: updated with link * docs: updated disclosures * docs: updated * chore: updated * docs: updated * docs: updates * chore: updates * chore: fix * chore: missing URLs * chore: updated prettier to exclude cve-page * chore: added N/A versus leaving blank * docs: updated CVEs * docs: update * docs: added airgap * docs: fixed minor issue * docs: fix broken URL * docs: updated intro langugae
This was referenced Jul 17, 2024
Merged
karl-cardenas-coding
added a commit
that referenced
this pull request
Jul 17, 2024
* docs: DOC-1241 * docs: draft * chore: updated with link * docs: updated disclosures * docs: updated * chore: updated * docs: updated * docs: updates * chore: updates * chore: fix * chore: missing URLs * chore: updated prettier to exclude cve-page * chore: added N/A versus leaving blank * docs: updated CVEs * docs: update * docs: added airgap * docs: fixed minor issue * docs: fix broken URL * docs: updated intro langugae
karl-cardenas-coding
added a commit
that referenced
this pull request
Jul 17, 2024
* docs: DOC-1241 * docs: draft * chore: updated with link * docs: updated disclosures * docs: updated * chore: updated * docs: updated * docs: updates * chore: updates * chore: fix * chore: missing URLs * chore: updated prettier to exclude cve-page * chore: added N/A versus leaving blank * docs: updated CVEs * docs: update * docs: added airgap * docs: fixed minor issue * docs: fix broken URL * docs: updated intro langugae
karl-cardenas-coding
added a commit
that referenced
this pull request
Jul 17, 2024
* docs: DOC-1241 * docs: draft * chore: updated with link * docs: updated disclosures * docs: updated * chore: updated * docs: updated * docs: updates * chore: updates * chore: fix * chore: missing URLs * chore: updated prettier to exclude cve-page * chore: added N/A versus leaving blank * docs: updated CVEs * docs: update * docs: added airgap * docs: fixed minor issue * docs: fix broken URL * docs: updated intro langugae
karl-cardenas-coding
added a commit
that referenced
this pull request
Jul 17, 2024
* docs: DOC-1241 * docs: draft * chore: updated with link * docs: updated disclosures * docs: updated * chore: updated * docs: updated * docs: updates * chore: updates * chore: fix * chore: missing URLs * chore: updated prettier to exclude cve-page * chore: added N/A versus leaving blank * docs: updated CVEs * docs: update * docs: added airgap * docs: fixed minor issue * docs: fix broken URL * docs: updated intro langugae
karl-cardenas-coding
added a commit
that referenced
this pull request
Jul 17, 2024
* docs: DOC-1241 * docs: draft * chore: updated with link * docs: updated disclosures * docs: updated * chore: updated * docs: updated * docs: updates * chore: updates * chore: fix * chore: missing URLs * chore: updated prettier to exclude cve-page * chore: added N/A versus leaving blank * docs: updated CVEs * docs: update * docs: added airgap * docs: fixed minor issue * docs: fix broken URL * docs: updated intro langugae
karl-cardenas-coding
added a commit
that referenced
this pull request
Jul 17, 2024
* docs: DOC-1241 * docs: draft * chore: updated with link * docs: updated disclosures * docs: updated * chore: updated * docs: updated * docs: updates * chore: updates * chore: fix * chore: missing URLs * chore: updated prettier to exclude cve-page * chore: added N/A versus leaving blank * docs: updated CVEs * docs: update * docs: added airgap * docs: fixed minor issue * docs: fix broken URL * docs: updated intro langugae
karl-cardenas-coding
added a commit
that referenced
this pull request
Jul 17, 2024
* docs: DOC-1241 * docs: draft * chore: updated with link * docs: updated disclosures * docs: updated * chore: updated * docs: updated * docs: updates * chore: updates * chore: fix * chore: missing URLs * chore: updated prettier to exclude cve-page * chore: added N/A versus leaving blank * docs: updated CVEs * docs: update * docs: added airgap * docs: fixed minor issue * docs: fix broken URL * docs: updated intro langugae
karl-cardenas-coding
added a commit
that referenced
this pull request
Jul 17, 2024
* docs: DOC-1241 * docs: draft * chore: updated with link * docs: updated disclosures * docs: updated * chore: updated * docs: updated * docs: updates * chore: updates * chore: fix * chore: missing URLs * chore: updated prettier to exclude cve-page * chore: added N/A versus leaving blank * docs: updated CVEs * docs: update * docs: added airgap * docs: fixed minor issue * docs: fix broken URL * docs: updated intro langugae
Merged
1 task
This was referenced Nov 22, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Describe the Change
This PR updates the security bulletin index page.
Changed Pages
💻 Preview URL for Page
Jira Tickets
🎫 DOC-1241
Backports
Can this PR be backported?