{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T17:51:05.315","vulnerabilities":[{"cve":{"id":"CVE-2022-27896","sourceIdentifier":"cve-coordination@palantir.com","published":"2022-11-14T21:15:10.930","lastModified":"2024-11-21T06:56:26.163","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Information Exposure Through Log Files vulnerability discovered in Foundry Code-Workbooks where the endpoint backing that console was generating service log records of any Python code being run. These service logs included the Foundry token that represents the Code-Workbooks Python console. Upgrade to Code-Workbooks version 4.461.0. This issue affects Palantir Foundry Code-Workbooks version 4.144 to version 4.460.0 and is resolved in 4.461.0."},{"lang":"es","value":"Vulnerabilidad de exposición de información a través de archivos de registro descubierta en Foundry Code-Workbooks donde el endpoint que respalda esa consola generaba registros de servicio de cualquier código Python que se estuviera ejecutando. Estos registros de servicio incluían el token de Foundry que representa la consola Python de Code-Workbooks. Actualice a Code-Workbooks versión 4.461.0. Este problema afecta a Palantir Foundry Code-Workbooks desde la versión 4.144 hasta la versión 4.460.0 y se resuelve en 4.461.0."}],"metrics":{"cvssMetricV31":[{"source":"cve-coordination@palantir.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N","baseScore":4.2,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.6,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"cve-coordination@palantir.com","type":"Secondary","description":[{"lang":"en","value":"CWE-532"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-532"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:palantir:foundry_code-workbooks:*:*:*:*:*:*:*:*","versionStartIncluding":"4.144.0","versionEndExcluding":"4.461.0","matchCriteriaId":"C8691A12-6C33-4A35-AB0C-2AAE3CA6B321"}]}]}],"references":[{"url":"https://github.com/palantir/security-bulletins/blob/main/PLTRSEC-2022-08.md","source":"cve-coordination@palantir.com","tags":["Third Party Advisory"]},{"url":"https://github.com/palantir/security-bulletins/blob/main/PLTRSEC-2022-08.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}