From 571eaa98ec8b7cbefae52f165f0579632b1c3dec Mon Sep 17 00:00:00 2001 From: Dj Walker-Morgan Date: Mon, 7 Aug 2023 17:59:15 +0100 Subject: [PATCH] Updates inc legal Signed-off-by: Dj Walker-Morgan --- advocacy_docs/security/advisories/cve20074639.mdx | 14 +++++--------- advocacy_docs/security/advisories/cve201910128.mdx | 14 +++++--------- advocacy_docs/security/advisories/cve202331043.mdx | 14 +++++--------- advocacy_docs/security/index.mdx | 4 +--- 4 files changed, 16 insertions(+), 30 deletions(-) diff --git a/advocacy_docs/security/advisories/cve20074639.mdx b/advocacy_docs/security/advisories/cve20074639.mdx index 7d5673bb090..819cb21c3bf 100644 --- a/advocacy_docs/security/advisories/cve20074639.mdx +++ b/advocacy_docs/security/advisories/cve20074639.mdx @@ -13,14 +13,10 @@ EDB Postgres Advanced Server 8.2 (EPAS) does not properly handle certain debuggi ## Vulnerability details -CVE-ID: [CVE-2007-4639](https://nvd.nist.gov/vuln/detail/CVE-2007-4639) - -CVSS Base Score: Undefined - -CVSS Temporal Score: Undefined - -CVSS Environmental Score: Undefined - +CVE-ID: [CVE-2007-4639](https://nvd.nist.gov/vuln/detail/CVE-2007-4639) +CVSS Base Score: Undefined +CVSS Temporal Score: Undefined +CVSS Environmental Score: Undefined CVSS Vector: Undefined ## Affected products and versions @@ -58,4 +54,4 @@ Source: MITRE ## Disclaimer -Legal can put any disclaimer they would like here +This document is provided on an "as is" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information on the document is at your own risk. EDB reserves the right to change or update this document at any time. Customers are therefore recommended to always view the latest version of this document. \ No newline at end of file diff --git a/advocacy_docs/security/advisories/cve201910128.mdx b/advocacy_docs/security/advisories/cve201910128.mdx index ae81964ac8a..2ed811f86a1 100644 --- a/advocacy_docs/security/advisories/cve201910128.mdx +++ b/advocacy_docs/security/advisories/cve201910128.mdx @@ -13,14 +13,10 @@ A vulnerability was found in PostgreSQL versions 11.x prior to 11.3. The Windows ## Vulnerability details -CVE-ID: [CVE-2019-10128](https://nvd.nist.gov/vuln/detail/CVE-2019-10128) - -CVSS Base Score: 7.8 - -CVSS Temporal Score: Undefined - -CVSS Environmental Score: Undefined - +CVE-ID: [CVE-2019-10128](https://nvd.nist.gov/vuln/detail/CVE-2019-10128) +CVSS Base Score: 7.8 +CVSS Temporal Score: Undefined +CVSS Environmental Score: Undefined CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ## Affected products and versions @@ -67,4 +63,4 @@ Source: Red Hat Inc ## Disclaimer -Legal can put any disclaimer they would like here +This document is provided on an "as is" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information on the document is at your own risk. EDB reserves the right to change or update this document at any time. Customers are therefore recommended to always view the latest version of this document. diff --git a/advocacy_docs/security/advisories/cve202331043.mdx b/advocacy_docs/security/advisories/cve202331043.mdx index 164fb663eca..99d492e03ce 100644 --- a/advocacy_docs/security/advisories/cve202331043.mdx +++ b/advocacy_docs/security/advisories/cve202331043.mdx @@ -13,14 +13,10 @@ EDB Postgres Advanced Server (EPAS) versions before 14.6.0 log unredacted passwo ## Vulnerability details -CVE-ID: [CVE-2023-31043](https://nvd.nist.gov/vuln/detail/CVE-2023-31043) - -CVSS Base Score: 7.5 - -CVSS Temporal Score: Undefined - -CVSS Environmental Score: Undefined - +CVE-ID: [CVE-2023-31043](https://nvd.nist.gov/vuln/detail/CVE-2023-31043) +CVSS Base Score: 7.5 +CVSS Temporal Score: Undefined +CVSS Environmental Score: Undefined CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N ## Affected products and versions @@ -69,4 +65,4 @@ Source: Mitre ## Disclaimer -Legal can put any disclaimer they would like here +This document is provided on an "as is" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information on the document is at your own risk. EDB reserves the right to change or update this document at any time. Customers are therefore recommended to always view the latest version of this document. diff --git a/advocacy_docs/security/index.mdx b/advocacy_docs/security/index.mdx index 3b93e73092e..db60153ea2c 100644 --- a/advocacy_docs/security/index.mdx +++ b/advocacy_docs/security/index.mdx @@ -11,9 +11,7 @@ navigation: - advisories --- -We are committed to a security first approach to everything we do at [EnterpriseDB](https://www.enterprisedb.com/). Here are the current policies and advisories. - -This policy outlines how EnterpriseDB handles disclosures related to suspected vulnerabilities within our products, systems, or services. It also provides guidance for those who wish to perform security research, or may have discovered a potential security vulnerability impacting EDB. +EDB is committed to a security first approach, from the products we build and the platforms we operate, to the services we provide our customers. Transparency is a core principle for the program and part of this effort includes welcoming incoming reports so that we can address concerns surfaced by our customers or security researchers. You’ll also find it in our advisories, which detail issues found and the required fixes or mitigations needed to keep your data and databases safe. ## Policies