Filtered by vendor Palantir
Subscriptions
Filtered by product Foundry
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-53710 | 1 Palantir | 2 Foundry, Foundry Container Service | 2025-12-19 | 7.5 High |
| Due to a product misconfiguration in certain deployment types, it was possible from different pods in the same namespace to communicate with each other. This issue resulted in bypass of access control due to the presence of a vulnerable endpoint in Foundry Container Service that executed user-controlled commands locally. | ||||
| CVE-2024-49581 | 1 Palantir | 1 Foundry | 2025-07-13 | 6.5 Medium |
| Restricted Views backed objects (OSV1) could be bypassed under specific circumstances due to a software bug, this could have allowed users that didn't have permission to see such objects to view them via Object Explorer directly. This software bug did not impact or otherwise make data available across organizational boundaries nor did it allow for data to be viewed or accessed by unauthenticated users. The affected service have been patched and automatically deployed to all Apollo-managed Foundry instances. | ||||
| CVE-2023-22833 | 1 Palantir | 1 Foundry | 2025-01-07 | 7.6 High |
| Palantir Foundry deployments running Lime2 versions between 2.519.0 and 2.532.0 were vulnerable a bug that allowed authenticated users within a Foundry organization to bypass discretionary or mandatory access controls under certain circumstances. | ||||
| CVE-2023-30952 | 1 Palantir | 1 Foundry | 2024-11-21 | 5 Medium |
| A security defect was discovered in Foundry Issues that enabled users to create convincing phishing links by editing the request sent when creating an Issue. This defect was resolved in Frontend release 6.228.0 . | ||||
Page 1 of 1.