Vulnerabilities > Palantir
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-11-04 | CVE-2022-27894 | Cross-site Scripting vulnerability in Palantir Foundry Blobster The Foundry Blobster service was found to have a cross-site scripting (XSS) vulnerability that could have allowed an attacker with access to Foundry to launch attacks against other users. | 5.4 |
2022-06-14 | CVE-2022-27889 | Improper Control of Dynamically-Managed Code Resources vulnerability in Palantir Foundry Multipass The Multipass service was found to have code paths that could be abused to cause a denial of service for authentication or authorization operations. | 9.1 |
2022-04-26 | CVE-2022-27888 | Information Exposure Through Log Files vulnerability in Palantir Foundry Issues Foundry Issues service versions 2.244.0 to 2.249.0 was found to be logging in a manner that captured sensitive information (session tokens). | 5.5 |