Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Palantir — Vulnerabilities & Security Advisories 47

Browse all 47 CVE security advisories affecting Palantir. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Palantir:com.palantir.foundry:foundry-frontendGothamcom.palantir.comments:commentscom.palantir.acme.gaia:gaiacom.palantir.acme.cerberus:cerberuscom.palantir.magritte:magritte-rest-source-bundlecom.palantir.acme:gotham-fe-bundlecom.palantir.apollo:autopilotcom.palantir.tiles:tilescom.palantir.meta:orbital-simulatorcom.palantir.video:video-application-servercom.palantir.skywise:guardiancom.palantir.gotham:blackbird-witchcraftcom.palantir.srx.prometheus.sls-oracle-sidecar:sls-oracle-sidecarcom.palantir.gotham:external-artifactscom.palantir.artifacts:artifactscom.palantir.secupload:secure-uploadcom.palantir.controlpanel:control-panelcom.palantir.compute:compute-servicecom.palantir.gotham:gluttoncom.palantir.acme:gotham-default-apps-bundlecom.palantir.aries:ariessls-loggingFoundry MultipassAtlasDBFoundry Magritte plugin osisoft-pi-web-connectorFoundry Blobster ServiceFoundry Build2Foundry Code-WorkbooksPalantir Gotham Chat IRC helper
CVE IDTitleCVSSSeverityPublished
CVE-2023-22834 The contour service was not checking that users had permission to create an analysis for a given dataset — com.palantir.contour:contour-dispatchCWE-425 2.7 Low2023-06-26
CVE-2023-30945 CVE-2023-30945 — com.palantir.gotham:clips2CWE-287 9.8 Critical2023-06-26
CVE-2023-22833 Mandatory control bypass in Lime2 — com.palantir.lime:lime2CWE-304 7.6 High2023-06-06
CVE-2023-30948 Retrieval of Attachments to Comments lacks Authorization — com.palantir.comments:commentsCWE-285 6.5 Medium2023-06-06
CVE-2022-48308 Palantir 信任管理问题漏洞 — sls-loggingCWE-297 6.3 Medium2023-02-16
CVE-2022-27890 Palantir 信任管理问题漏洞 — AtlasDBCWE-297 6.3 Medium2023-02-16
CVE-2022-27891 Palantir Gotham included an unauthenticated endpoint that listed all active usernames in the platform with an active session. — GothamCWE-200 5.3 Medium2023-02-16
CVE-2022-27892 Palantir Gotham included an endpoint that would log arbitrary sized payloads. — GothamCWE-20 5.3 Medium2023-02-16
CVE-2022-27897 Palantir Gotham included an endpoint that would log arbitrary sized zip files. — GothamCWE-20 5.3 Medium2023-02-16
CVE-2022-48306 Gotham Chat IRC help does not validate hostnames in TLS certificates — Palantir Gotham Chat IRC helperCWE-297 5.7 Medium2023-02-16
CVE-2022-48307 Palantir 信任管理问题漏洞 — Foundry MagritteCWE-297 6.3 Medium2023-02-16
CVE-2022-27895 A component in Foundry logging was found to be capturing sensitive information in logs. — Foundry Build2CWE-532 4.2 Medium2022-11-15
CVE-2022-27896 The Foundry Code-Workbooks service was found to contain an issue leading to information disclosure. — Foundry Code-WorkbooksCWE-532 4.2 Medium2022-11-14
CVE-2022-27894 The Foundry Blobster service was found to have a cross-site scripting (XSS) vulnerability. — Foundry Blobster ServiceCWE-79 4.8 Medium2022-11-04
CVE-2022-27893 The Foundry Magritte plugin osisoft-pi-web-connector was found to be logging in a manner that captured authentication requests. — Foundry Magritte plugin osisoft-pi-web-connectorCWE-532 4.2 Medium2022-11-04
CVE-2022-27889 The Foundry Multipass service contains code paths that could be abused to cause a denial of service for authentication and authorization operations. — Foundry MultipassCWE-400 5.3 Medium2022-06-14
CVE-2022-27888 The Foundry Issues service was found to be logging in a manner that captured session tokens. — Foundry IssuesCWE-532 5.5 Medium2022-04-26

This page lists every published CVE security advisory associated with Palantir. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.