Filtered by vendor Palantir
Subscribe
Search
Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-30954 | 1 Palantir | 1 Video-application-server | 2023-11-22 | N/A | 3.7 LOW |
| The Gotham video-application-server service contained a race condition which would cause it to not apply certain acls new videos if the source system had not yet initialized. | |||||
| CVE-2023-30951 | 1 Palantir | 1 Magritte-rest-source-bundle | 2023-08-09 | N/A | 6.5 MEDIUM |
| The Foundry Magritte plugin rest-source was found to be vulnerable to an an XML external Entity attack (XXE). | |||||
| CVE-2023-30950 | 1 Palantir | 1 Foundry Campaigns | 2023-08-09 | N/A | 5.9 MEDIUM |
| The foundry campaigns service was found to be vulnerable to an unauthenticated information disclosure in a rest endpoint | |||||
| CVE-2023-30952 | 1 Palantir | 1 Foundry | 2023-08-08 | N/A | 4.3 MEDIUM |
| A security defect was discovered in Foundry Issues that enabled users to create convincing phishing links by editing the request sent when creating an Issue. This defect was resolved in Frontend release 6.228.0 . | |||||
| CVE-2023-30949 | 1 Palantir | 1 Slate | 2023-08-04 | N/A | 5.3 MEDIUM |
| A missing origin validation in Slate sandbox could be exploited by a malicious user to modify the page's content, which could lead to phishing attacks. | |||||
| CVE-2022-27889 | 1 Palantir | 1 Foundry Multipass | 2022-06-23 | 6.4 MEDIUM | 9.1 CRITICAL |
| The Multipass service was found to have code paths that could be abused to cause a denial of service for authentication or authorization operations. A malicious attacker could perform an application-level denial of service attack, potentially causing authentication and/or authorization operations to fail for the duration of the attack. This could lead to performance degradation or login failures for customer Palantir Foundry environments. This vulnerability is resolved in Multipass 3.647.0. This issue affects: Palantir Foundry Multipass versions prior to 3.647.0. | |||||
| CVE-2022-27888 | 1 Palantir | 1 Foundry Issues | 2022-05-05 | 2.1 LOW | 5.5 MEDIUM |
| Foundry Issues service versions 2.244.0 to 2.249.0 was found to be logging in a manner that captured sensitive information (session tokens). This issue was fixed in 2.249.1. | |||||