Security Advisory

CVE-2022-27897

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-02-16 00:00:00

Last updated 2025-03-18 15:08:30

Assigner Palantir

State PUBLISHED

Description

Palantir Gotham versions prior to 3.22.11.2 included an unauthenticated endpoint that would load portions of maliciously crafted zip files to memory. An attacker could repeatedly upload a malicious zip file, which would allow them to exhaust memory resources on the dispatch server.

← Browse all CVEs View on cve.org ↗