| sidebar_label | title | description | icon | hide_table_of_contents | sidebar_position | toc_max_heading_level | tags | ||
|---|---|---|---|---|---|---|---|---|---|
CVE Reports |
CVE Reports |
Security bulletins for Common Vulnerabilities and Exposures (CVEs) related to Palette and Palette VerteX |
true |
0 |
2 |
|
import CveReportsTable from "@site/src/components/CveReportsTable";
The vulnerabilities reported in this Security Bulletin include vulnerabilities within the Palette VerteX, Palette Enterprise, and airgap environments. The reported vulnerabilities also include third-party component vulnerabilities, which we have become aware of. These vulnerabilities are discovered via our Bug Bounty program, our security monitoring program, or reported to us by our supply chain.
:::info
The CVSS Severity is provided by either the third-party service provider, or NIST CVE. We do not provide the criticality score for third-party components. Previous security bulletins are available in the Security Bulletins Archive.
:::
To fix all the vulnerabilities impacting your products, we recommend patching your instances to the latest version regarding any third-party components. For vulnerabilities originating in our products, we will provide mitigations and workarounds where applicable.
We use the following statuses to track the progress of each vulnerability. N - 2 means two versions behind the latest versions.
| Status | Description |
|---|---|
| Open | The vulnerability has been identified and is pending an investigation. |
| Ongoing | The vulnerability is being investigated. |
| Fixed | The vulnerability has been addressed in the latest versions of Palette or Vertex. Previous versions (N -2) are being worked on. |
| Closed | The vulnerability has been addressed in the latest version and in N - 2 versions. |
By default, the table is sorted to display descending entries that were recently modified. Click on the CVE ID to view the full details of the vulnerability.