exploitDog

GHSA-63jf-339p-rvpm

Опубликовано: 13 апр. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 5.5

Описание

All versions of Talend Data Catalog before 8.0-20230110 are potentially vulnerable to XML External Entity (XXE) attacks in the /MIMBWebServices/license endpoint of the remote harvesting server.

All versions of Talend Data Catalog before 8.0-20230110 are potentially vulnerable to XML External Entity (XXE) attacks in the /MIMBWebServices/license endpoint of the remote harvesting server.

Ссылки

EPSS

Процентиль: 16%

0.00052

Низкий

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-611

Связанные уязвимости

CVE-2023-26263

CVSS3: 5.5

nvd

почти 3 года назад

All versions of Talend Data Catalog before 8.0-20230110 are potentially vulnerable to XML External Entity (XXE) attacks in the /MIMBWebServices/license endpoint of the remote harvesting server.

EPSS

Процентиль: 16%

0.00052

Низкий

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-611