Описание
A security defect was discovered in Foundry job-tracker that enabled users to query metadata related to builds on resources they did not have access to. This defect was resolved with the release of job-tracker 4.645.0. The service was rolled out to all affected Foundry instances. No further intervention is required.
Уязвимые конфигурации
Конфигурация 1Версия до 4.645.0 (исключая)
cpe:2.3:a:palantir:foundry_job-tracker:*:*:*:*:*:*:*:*
EPSS
Процентиль: 34%
0.00139
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-639
CWE-668
Связанные уязвимости
CVSS3: 4.3
github
больше 2 лет назад
A security defect was discovered in Foundry job-tracker that enabled users to query metadata related to builds on resources they did not have access to. This defect was resolved with the release of job-tracker 4.645.0. The service was rolled out to all affected Foundry instances. No further intervention is required.
EPSS
Процентиль: 34%
0.00139
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-639
CWE-668