DATE | CVE | VULNERABILITY TITLE | RISK

2023-10-26 | CVE-2023-30967 | Path Traversal vulnerability in Palantir Orbital Simulator | 7.5
Gotham Orbital-Simulator service prior to 0.692.0 was found to be vulnerable to a Path traversal issue allowing an unauthenticated user to read arbitrary files on the file system.
network, low complexity, palantir, CWE-22

2023-07-10 | CVE-2023-22835 | Unspecified vulnerability in Palantir Foundry Frontend and Foundry Issues | 7.7
A security defect was identified that enabled a user of Foundry Issues to perform a Denial of Service attack by submitting malformed data in an Issue that caused loss of frontend functionality to all issue participants. This defect was resolved with the release of Foundry Issues 2.510.0 and Foundry Frontend 6.228.0.
network, low complexity, palantir

2023-02-16 | CVE-2022-27890 | Improper Certificate Validation vulnerability in Palantir Atlasdb | 7.4
It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API.
network, high complexity, palantir, CWE-295

2023-02-16 | CVE-2022-27892 | Improper Input Validation vulnerability in Palantir Gotham 3.22.10.4 | 7.5
Palantir Gotham versions prior to 3.22.11.2 included an unauthenticated endpoint that would have allowed an attacker to exhaust the memory of the Gotham dispatch service.
network, low complexity, palantir, CWE-20

2023-02-16 | CVE-2022-27897 | Improper Input Validation vulnerability in Palantir Gotham 3.22.10.4 | 7.5
Palantir Gotham versions prior to 3.22.11.2 included an unauthenticated endpoint that would load portions of maliciously crafted zip files to memory.
network, low complexity, palantir, CWE-20

2022-11-15 | CVE-2022-27895 | Information Exposure Through Log Files vulnerability in Palantir Foundry Build2 | 7.5
Information Exposure Through Log Files vulnerability discovered in Foundry when logs were captured using an underlying library known as Build2.
network, low complexity, palantir, CWE-532

2022-11-14 | CVE-2022-27896 | Information Exposure Through Log Files vulnerability in Palantir Foundry Code-Workbooks 4.144.0/4.460.0 | 7.5
Information Exposure Through Log Files vulnerability discovered in Foundry Code-Workbooks where the endpoint backing that console was generating service log records of any Python code being run.
network, low complexity, palantir, CWE-532