purestorage
Top products
Latest CVEs
The 15 most recently published vulnerabilities affecting purestorage.
- CVE-2025-9127PX Enterprise Improper Sanitization Vulnerability5.5
- CVE-2024-3057A flaw exists whereby a user can make a specific call to a FlashArray endpoint allowing privilege escalation.9.8
- CVE-2024-0005A condition exists in FlashArray and FlashBlade Purity whereby a malicious user could execute arbitrary commands remotely through a specifically crafted SNMP configuration.9.1
- CVE-2024-0004A condition exists in FlashArray Purity whereby an user with array admin role can execute arbitrary commands remotely to escalate privilege on the array.9.1
- CVE-2024-0003A condition exists in FlashArray Purity whereby a malicious user could use a remote administrative service to create an account on the array allowing privileged access.9.1
- CVE-2024-0002A condition exists in FlashArray Purity whereby an attacker can employ a privileged account allowing remote access to the array.10.0
- CVE-2024-0001A condition exists in FlashArray Purity whereby a local account intended for initial array configuration remains active potentially allowing a malicious actor to gain elevated privileges.10.0
- CVE-2023-36628Privilege Escalation in VASA8.8
- CVE-2023-32572FlashArray pgroup Retention Lock SafeMode Protection6.5
- CVE-2023-28373FlashArray SafeMode Immutable Vulnerability 4.4
- CVE-2023-36627FlashBlade Snapshot Scheduler7.7
- CVE-2023-31042FlashBlade Object Store Protocol7.7
- CVE-2023-28372FlashBlade Object Store Privileged Access6.5
- CVE-2022-31524The PureStorage-OpenConnect/swagger repository through 1.1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.9.3
- CVE-2022-32554Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running P...9.8