Vulnerabilities > Talend > Data Catalog > 7.3.20210930

DATE CVE VULNERABILITY TITLE RISK
2023-06-26 CVE-2023-36301 Path Traversal vulnerability in Talend Data Catalog 7.320210930
Talend Data Catalog before 8.0-20230221 contain a directory traversal vulnerability in HeaderImageServlet.
network
low complexity
talend CWE-22
7.5
7.5
2023-05-26 CVE-2023-33247 Unspecified vulnerability in Talend Data Catalog 7.320210930/8.020230221
Talend Data Catalog remote harvesting server before 8.0-20230413 contains a /upgrade endpoint that allows an unauthenticated WAR file to be deployed on the server.
network
low complexity
talend
7.5
7.5
2023-04-13 CVE-2023-26263 XXE vulnerability in Talend Data Catalog 7.320210930
All versions of Talend Data Catalog before 8.0-20230110 are potentially vulnerable to XML External Entity (XXE) attacks in the /MIMBWebServices/license endpoint of the remote harvesting server.
local
low complexity
talend CWE-611
5.5
5.5
2023-04-13 CVE-2023-26264 XXE vulnerability in Talend Data Catalog 7.320210930
All versions of Talend Data Catalog before 8.0-20220907 are potentially vulnerable to XML External Entity (XXE) attacks in the license parsing code.
local
low complexity
talend CWE-611
5.5
5.5