Vulnerabilities > Talend > ESB Runtime

DATE CVE VULNERABILITY TITLE RISK
2023-02-06 CVE-2022-45589 SQL Injection vulnerability in Talend ESB Runtime 5.1/7.1.1R202109
All versions before 8.0.1-R2022-10-RT and 7.3.1-R2022-09-RT of the Talend ESB Runtime are potentially vulnerable to SQL Injection attacks in the provisioning service only.
network
low complexity
talend CWE-89
critical
 9.8
9.8
2021-09-22 CVE-2021-40684 Unspecified vulnerability in Talend ESB Runtime 5.1
Talend ESB Runtime in all versions from 5.1 to 7.3.1-R2021-09, 7.2.1-R2021-09, 7.1.1-R2021-09, has an unauthenticated Jolokia HTTP endpoint which allows remote access to the JMX of the runtime container, which would allow an attacker the ability to read or modify the container or software running in the container.
network
low complexity
talend
6.4
6.4