CNNVD-202507-1530 Information

CNNVD ID

CNNVD-202507-1530

Related CVE

CVE-2025-53709

• CNNVD Published: 2025-07-10

Description (Chinese)

Palantir secure-upload是美国Palantir公司的一个上传组件。 Palantir secure-upload 0.815.0之前版本存在安全漏洞，该漏洞源于特权用户可能滥用端点重定向提交通道，以及未经验证的用户可能枚举现有注册。

Description (English)

Palantir security-upload is an upload component of the United States company Palantir. Prior to Palantir security-upload 0.815.0, there was a security loophole resulting from the possible misuse of endpoint re-directional submission channels by privileged users, as well as the possibility that uncertified users could list existing registries.

Hazard Level

High

Vulnerability Type

授权问题

Affected Vendor

Pallets

Published

2025-07-10

Last Modified

2026-02-24

References

https://cwe.mitre.org/data/definitions/285.html https://nvd.nist.gov/vuln/detail/CVE-2025-53709

Patch

https://www.apollo.io/