Vulnerabilities > Palantir > Low

DATE CVE VULNERABILITY TITLE RISK
2023-11-15 CVE-2023-30954 Race Condition vulnerability in Palantir Video-Application-Server
The Gotham video-application-server service contained a race condition which would cause it to not apply certain acls new videos if the source system had not yet initialized.
network
high complexity
palantir CWE-362
3.7
2023-02-16 CVE-2022-48308 Improper Certificate Validation vulnerability in Palantir Sls-Logging
It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API.
network
high complexity
palantir CWE-295
3.7
2023-02-16 CVE-2022-48307 Improper Certificate Validation vulnerability in Palantir Magritte-Ftp
It was discovered that the Magritte-ftp was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API.
network
high complexity
palantir CWE-295
3.7
2022-04-26 CVE-2022-27888 Information Exposure Through Log Files vulnerability in Palantir Foundry Issues
Foundry Issues service versions 2.244.0 to 2.249.0 was found to be logging in a manner that captured sensitive information (session tokens).
local
low complexity
palantir CWE-532
2.1