Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Palantir Gotham included an endpoint that would log arbitrary sized payloads.
Vulnerability Description
Palantir Gotham versions prior to 3.22.11.2 included an unauthenticated endpoint that would have allowed an attacker to exhaust the memory of the Gotham dispatch service.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
输入验证不恰当
Vulnerability Title
Palantir 输入验证错误漏洞
Vulnerability Description
Palantir是美国Palantir公司的一个数据平台,通过消除后端数据管理和前端数据分析之间的障碍来重新构想人们如何使用数据。 Palantir Gotham 3.22.11.2之前版本存在安全漏洞,该漏洞源于包含一个未经身份验证的端点,该端点允许攻击者耗尽 Gotham 调度服务的内存。
CVSS Information
N/A
Vulnerability Type
N/A