ReportizFlow
Filtered by vendor Palantir
Subscriptions
Filtered by product Gotham
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-27897 | 1 Palantir | 1 Gotham | 2024-11-21 | 5.3 Medium |
| Palantir Gotham versions prior to 3.22.11.2 included an unauthenticated endpoint that would load portions of maliciously crafted zip files to memory. An attacker could repeatedly upload a malicious zip file, which would allow them to exhaust memory resources on the dispatch server. | ||||
| CVE-2022-27892 | 1 Palantir | 1 Gotham | 2024-11-21 | 5.3 Medium |
| Palantir Gotham versions prior to 3.22.11.2 included an unauthenticated endpoint that would have allowed an attacker to exhaust the memory of the Gotham dispatch service. | ||||
| CVE-2022-27891 | 1 Palantir | 1 Gotham | 2024-11-21 | 5.3 Medium |
| Palantir Gotham included an unauthenticated endpoint that listed all active usernames on the stack with an active session. The affected services have been patched and automatically deployed to all Apollo-managed Gotham instances. It is highly recommended that customers upgrade all affected services to the latest version. This issue affects: Palantir Gotham versions prior to 103.30221005.0. | ||||
Page 1 of 1.