A security defect was identified in Foundry Comments that enabled a user to discover the contents of an attachment submitted to another comment if they knew the internal UUID of the target attachment. This defect was resolved with the release of Foundry Comments 2.267.0.
History

Wed, 23 Oct 2024 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Palantir

Published: 2023-07-10T21:07:31.073Z

Updated: 2024-10-23T17:30:12.996Z

Reserved: 2023-04-21T11:25:51.028Z

Link: CVE-2023-30956

cve-icon Vulnrichment

Updated: 2024-08-02T14:45:24.243Z

cve-icon NVD

Status : Modified

Published: 2023-07-10T22:15:09.337

Modified: 2024-11-21T08:01:09.050

Link: CVE-2023-30956

cve-icon Redhat

No data.