CVE-2022-27897— Palantir Gotham included an endpoint that would log arbitrary sized zip files.
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-27897
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Palantir Gotham included an endpoint that would log arbitrary sized zip files.
Source: NVD (National Vulnerability Database)
Vulnerability Description
Palantir Gotham versions prior to 3.22.11.2 included an unauthenticated endpoint that would load portions of maliciously crafted zip files to memory. An attacker could repeatedly upload a malicious zip file, which would allow them to exhaust memory resources on the dispatch server.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
输入验证不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
Palantir 输入验证错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Palantir是美国Palantir公司的一个数据平台,通过消除后端数据管理和前端数据分析之间的障碍来重新构想人们如何使用数据。 Palantir Gotham 3.22.11.2之前版本存在安全漏洞,该漏洞源于包含一个未经身份验证的端点,该端点会将部分恶意制作的 zip 文件加载到内存中,攻击者利用该漏洞可以重复上传恶意 zip 文件,耗尽调度服务器上的内存资源。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2022-27897
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2022-27897
请登录查看更多情报信息。
Same Patch Batch · Palantir · 2023-02-16 · 7 CVEs total
| CVE-2022-27890 | 6.3 MEDIUM | Palantir 信任管理问题漏洞 |
| CVE-2022-48307 | 6.3 MEDIUM | Palantir 信任管理问题漏洞 |
| CVE-2022-48308 | 6.3 MEDIUM | Palantir 信任管理问题漏洞 |
| CVE-2022-48306 | 5.7 MEDIUM | Gotham Chat IRC help does not validate hostnames in TLS certificates |
| CVE-2022-27891 | 5.3 MEDIUM | Palantir Gotham included an unauthenticated endpoint that listed all active usernames in t |
| CVE-2022-27892 | 5.3 MEDIUM | Palantir Gotham included an endpoint that would log arbitrary sized payloads. |
IV. Related Vulnerabilities
Same vendor: Palantir
- CVE-2025-68609
Authentication bypass in Aries due to misconfiguration - CVE-2025-62487
Under certain configurations, file artifacts uploaded to the - CVE-2023-30971
Gaia unauthenticated endpoints - CVE-2024-49587
Glutton V1 endpoints missing authentication - CVE-2025-53710
Network boundaries not respected in certain Foundry namespac
Same weakness: CWE-20
V. Comments for CVE-2022-27897
No comments yet