Vulnerabilities > Palantir > Foundry Comments

DATE CVE VULNERABILITY TITLE RISK
2023-07-10 CVE-2023-30956 Unspecified vulnerability in Palantir Foundry Comments
A security defect was identified in Foundry Comments that enabled a user to discover the contents of an attachment submitted to another comment if they knew the internal UUID of the target attachment.
network
high complexity
palantir
5.3
2023-06-06 CVE-2023-30948 Missing Authorization vulnerability in Palantir Foundry Comments
A security defect in Foundry's Comments functionality resulted in the retrieval of attachments to comments not being gated by additional authorization checks.
network
low complexity
palantir CWE-862
6.5