Filtered by vendor Palantir
Subscribe
Search
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-30951 | 1 Palantir | 1 Magritte-rest-source-bundle | 2023-08-09 | N/A | 6.5 MEDIUM |
| The Foundry Magritte plugin rest-source was found to be vulnerable to an an XML external Entity attack (XXE). | |||||
| CVE-2023-30950 | 1 Palantir | 1 Foundry Campaigns | 2023-08-09 | N/A | 5.9 MEDIUM |
| The foundry campaigns service was found to be vulnerable to an unauthenticated information disclosure in a rest endpoint | |||||
| CVE-2023-30952 | 1 Palantir | 1 Foundry | 2023-08-08 | N/A | 4.3 MEDIUM |
| A security defect was discovered in Foundry Issues that enabled users to create convincing phishing links by editing the request sent when creating an Issue. This defect was resolved in Frontend release 6.228.0 . | |||||
| CVE-2023-30949 | 1 Palantir | 1 Slate | 2023-08-04 | N/A | 5.3 MEDIUM |
| A missing origin validation in Slate sandbox could be exploited by a malicious user to modify the page's content, which could lead to phishing attacks. | |||||
| CVE-2022-27888 | 1 Palantir | 1 Foundry Issues | 2022-05-05 | 2.1 LOW | 5.5 MEDIUM |
| Foundry Issues service versions 2.244.0 to 2.249.0 was found to be logging in a manner that captured sensitive information (session tokens). This issue was fixed in 2.249.1. | |||||