CVE-2021-4311

Опубликовано: 09 янв. 2023

Источник: nvd

CVSS3: 5.5

CVSS3: 9.8

CVSS2: 4.9

EPSS Низкий

Описание

A vulnerability classified as problematic was found in Talend Open Studio for MDM. This vulnerability affects unknown code of the component XML Handler. The manipulation leads to xml external entity reference. The patch is identified as 31d442b9fb1d518128fd18f6e4d54e06c3d67793. It is recommended to apply a patch to fix this issue. VDB-217666 is the identifier assigned to this vulnerability.

Ссылки

https://github.com/Talend/tmdm-server-se/commit/31d442b9fb1d518128fd18f6e4d54e06c3d67793
Patch
https://github.com/Talend/tmdm-server-se/pull/1420
Patch
https://vuldb.com/?ctiid.217666
Third Party Advisory
https://vuldb.com/?id.217666
Third Party Advisory
https://github.com/Talend/tmdm-server-se/commit/31d442b9fb1d518128fd18f6e4d54e06c3d67793
Patch
https://github.com/Talend/tmdm-server-se/pull/1420
Patch
https://vuldb.com/?ctiid.217666
Third Party Advisory
https://vuldb.com/?id.217666
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:talend:open_studio:*:*:*:*:*:mdm:*:*

Версия до 20230102_1935 (исключая)

EPSS

Процентиль: 52%

0.00296

Низкий

5.5 Medium

CVSS3

9.8 Critical

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-611

Связанные уязвимости

GHSA-93gm-2pxg-46p3

CVSS3: 9.8

github

около 3 лет назад

A vulnerability classified as problematic was found in Talend Open Studio for MDM. This vulnerability affects unknown code of the component XML Handler. The manipulation leads to xml external entity reference. The name of the patch is 31d442b9fb1d518128fd18f6e4d54e06c3d67793. It is recommended to apply a patch to fix this issue. VDB-217666 is the identifier assigned to this vulnerability.

EPSS

Процентиль: 52%

0.00296

Низкий

5.5 Medium

CVSS3

9.8 Critical

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-611