Field Bulletins
The "Field Bulletins" included in this guide serve to inform regarding identified issues that may affect customer environments. Issues noted here will be updated with the latest status, so please check here often to ensure that you will not be affected by any of them.
- Security Bulletins
- Official Pure Security Response to SolarWinds Attack
- Pure Storage Response to Log4Shell
- Security Advisory: Pure Response to CVE-2022-0847 "Dirty Pipe"
- Security Advisory for Log4j / Log4Shell CVE-2021-44228
- Security Advisory for security-bundle-2022-04-04
- Security Bulletin "SpringShell" or "Spring4Shell" CVE-2022-22965
- Security Bulletin - 3CX Voice Over Internet Protocol (VOIP) Desktop Client Supply Chain Attack
- Security Bulletin - FlashArray pgroup Retention Lock SafeMode Protection CVE-2023-32572
- Security Bulletin - Microsoft Netlogon RPC Elevation of Privilege Vulnerability CVE-2022-38023
- Security Bulletin - MOVEit Transfer Vulnerabilities
- Security Bulletin for cURL/libcurl Vulnerability CVE-2023-38545 and CVE-2023-38546
- Security Bulletin for CVE-2022-42889 (Apache Commons Text) and CVE-2022-33980 (Apache Commons Configuration)
- Security Bulletin for FlashBlade Object Store Privileged Access Vulnerability CVE-2023-28372
- Security Bulletin for FlashBlade Snapshot Scheduler CVE-2023-36627
- Security Bulletin for Linux ksmbd Vulnerability ZDI-22-1690
- Security Bulletin for Log4j/Log4Shell CVE-2021-44228
- Security Bulletin for OpenSSL v3.0.7 (security-fix release)
- Security Bulletin for Privilege Escalation in VASA CVE-2023-36628
- Security Bulletin for //FB with Native SMB or Kerberos-Based NFS fails to Authenticate with Active Directory After MS Kerberos Patch is Applied