Vulnerabilities > Talend > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-26 | CVE-2023-36301 | Path Traversal vulnerability in Talend Data Catalog 7.320210930 Talend Data Catalog before 8.0-20230221 contain a directory traversal vulnerability in HeaderImageServlet. | 7.5 |
| 2023-05-26 | CVE-2023-33247 | Unspecified vulnerability in Talend Data Catalog 7.320210930 Talend Data Catalog remote harvesting server before 8.0-20230413 contains a /upgrade endpoint that allows an unauthenticated WAR file to be deployed on the server. | 7.5 |
| 2023-04-28 | CVE-2023-31444 | Unspecified vulnerability in Talend Studio In Talend Studio before 7.3.1-R2022-10 and 8.x before 8.0.1-R2022-09, microservices allow unauthenticated access to the Jolokia endpoint of the microservice. | 7.5 |
| 2021-11-05 | CVE-2021-42837 | Improper Authentication vulnerability in Talend Data Catalog An issue was discovered in Talend Data Catalog before 7.3-20210930. | 7.5 |
| 2020-02-19 | CVE-2014-2228 | XML Entity Expansion vulnerability in Talend Restlet 1.1.10/2.1.7/2.2 The XStream extension in HP Fortify SCA before 2.2 RC3 allows remote attackers to execute arbitrary code via unsafe deserialization of XML messages. | 7.5 |