Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
talend data catalog vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2023-26263
All versions of Talend Data Catalog prior to 8.0-20230110 are potentially vulnerable to XML External Entity (XXE) attacks in the /MIMBWebServices/license endpoint of the remote harvesting server.
Talend Data Catalog
5.5
CVSSv3
CVE-2023-26264
All versions of Talend Data Catalog prior to 8.0-20220907 are potentially vulnerable to XML External Entity (XXE) attacks in the license parsing code.
Talend Data Catalog
9.8
CVSSv3
CVE-2021-42837
An issue exists in Talend Data Catalog prior to 7.3-20210930. After setting up SAML/OAuth, authentication is not correctly enforced on the native login page. Any valid user from the SAML/OAuth provider can be used as the username with an arbitrary password, and login will succeed...
Talend Data Catalog
7.5
CVSSv3
CVE-2023-36301
Talend Data Catalog prior to 8.0-20230221 contain a directory traversal vulnerability in HeaderImageServlet.
Talend Data Catalog
7.5
CVSSv3
CVE-2023-33247
Talend Data Catalog remote harvesting server prior to 8.0-20230413 contains a /upgrade endpoint that allows an unauthenticated WAR file to be deployed on the server. (A mitigation is that the remote harvesting server should be behind a firewall that only allows access to the Tale...
Talend Data Catalog
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started