|White Papers||Field Bulletins||CVE Database (login required)||Contact Us|
Our Security features are documented across various Product Documentation on our site. Here's a quick reference to our various Security sections.
WAF rules mitigated against exploitation regarding the "Spring4Shell" Remote Code Execution Vulnerability (CVE-2022-22965).
A self-service, online, non-disruptive patch to address the Log4j vulnerability (CVE-2021-44228) is now available.
This informative guide provides insights on how to respond to significant industry wide security vulnerabilities such as Log4j.
This advisory describes a Linux kernel privilege escalation vulnerability that allows a local user to gain super-user privileges. CVSS Base score 7.8 High (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). (CVE-2022-0847)
A self-service, online, non-disruptive patch to address four distinct security concerns is NOW AVAILABLE. The issues affect only FlashArray and FlashBlade products; no other Pure Storage products or services are affected. The security bundle patch can be delivered via Pure1 for certain versions. Click here for the Security Bulletin and FAQ regarding this cumulative Security Bundle release.