34 matches found
Palantir Foundry Issues 安全漏洞
Palantir Foundry Issues is an application from Palantir USA. A security vulnerability exists in Palantir Foundry Issues. An attacker could exploit the vulnerability to obtain sensitive information...
PT-2023-18717 · Unknown · Foundry Frontend +1
Name of the Vulnerable Software and Affected Versions: Foundry Issues versions prior to 2.510.0 Foundry Frontend versions prior to 6.228.0 Description: A security defect was identified that enabled a user of Foundry Issues to perform a Denial of Service attack by submitting malformed data in an...
CVE-2023-30946
A security defect was identified in Foundry Issues. If a user was added to an issue on a resource that they did not have access to and consequently could not see, they could query Foundry's Notification API and receive metadata about the issue including the RID of the issue, severity, internal UU...
CVE-2023-30946
A security defect was identified in Foundry Issues. If a user was added to an issue on a resource that they did not have access to and consequently could not see, they could query Foundry's Notification API and receive metadata about the issue including the RID of the issue, severity, internal UU...
Code injection
A security defect was identified in Foundry Issues. If a user was added to an issue on a resource that they did not have access to and consequently could not see, they could query Foundry's Notification API and receive metadata about the issue including the RID of the issue, severity, internal UU...
CVE-2023-30946 Issues notification metadata lacks authorization
A security defect was identified in Foundry Issues. If a user was added to an issue on a resource that they did not have access to and consequently could not see, they could query Foundry's Notification API and receive metadata about the issue including the RID of the issue, severity, internal UU...
CVE-2023-30946 Issues notification metadata lacks authorization
A security defect was identified in Foundry Issues. If a user was added to an issue on a resource that they did not have access to and consequently could not see, they could query Foundry's Notification API and receive metadata about the issue including the RID of the issue, severity, internal UU...
CVE-2023-30946
Foundry Issues had an authorization flaw where a user who could not view a resource could query Foundry’s Notification API and retrieve issue metadata (RID, severity, author UUID, and title). Affected are Foundry Issues prior to version 2.497.0; remediation is to upgrade to a fixed release (2.497...
Palantir Foundry Issues 安全漏洞
Palantir Foundry Issues is an application from Palantir USA. A security vulnerability exists in Palantir Foundry Issues prior to version 2.497.0 that stems from allowing unauthorized users to retrieve issue metadata from Foundry's notification API...
PT-2023-23077 · Unknown · Foundry Issues
Name of the Vulnerable Software and Affected Versions: Foundry Issues affected versions not specified Description: A security defect was identified in Foundry Issues. If a user was added to an issue on a resource that they did not have access to and consequently could not see, they could query...
CVE-2022-27888
Foundry Issues service versions 2.244.0 to 2.249.0 was found to be logging in a manner that captured sensitive information session tokens. This issue was fixed in 2.249.1...
Design/Logic Flaw
Foundry Issues service versions 2.244.0 to 2.249.0 was found to be logging in a manner that captured sensitive information session tokens. This issue was fixed in 2.249.1...
CVE-2022-27888 The Foundry Issues service was found to be logging in a manner that captured session tokens.
Foundry Issues service versions 2.244.0 to 2.249.0 was found to be logging in a manner that captured sensitive information session tokens. This issue was fixed in 2.249.1...
CVE-2022-27888
Foundry Issues service versions 2.244.0 to 2.249.0 was found to be logging in a manner that captured sensitive information session tokens. This issue was fixed in 2.249.1...