Palantir

Gotham

3 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2022-27891

  • EPSS 0.2%
  • Veröffentlicht 16.02.2023 16:15:12
  • Zuletzt bearbeitet 21.11.2024 06:56:25

Palantir Gotham included an unauthenticated endpoint that listed all active usernames on the stack with an active session. The affected services have been patched and automatically deployed to all Apollo-managed Gotham instances. It is highly recomme...

7.5

CVE-2022-27892

  • EPSS 0.39%
  • Veröffentlicht 16.02.2023 16:15:12
  • Zuletzt bearbeitet 21.11.2024 06:56:25

Palantir Gotham versions prior to 3.22.11.2 included an unauthenticated endpoint that would have allowed an attacker to exhaust the memory of the Gotham dispatch service.

7.5

CVE-2022-27897

  • EPSS 0.39%
  • Veröffentlicht 16.02.2023 16:15:12
  • Zuletzt bearbeitet 21.11.2024 06:56:26

Palantir Gotham versions prior to 3.22.11.2 included an unauthenticated endpoint that would load portions of maliciously crafted zip files to memory. An attacker could repeatedly upload a malicious zip file, which would allow them to exhaust memory r...