PT-2023-20573 · Talend · Talend Data Catalog

Published

2023-04-13

Updated

2023-04-21

CVE-2023-26264

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Talend Data Catalog versions prior to 8.0-20220907

Description The issue concerns XML External Entity (XXE) attacks in the license parsing code, potentially affecting all versions of the software before the specified version.

Recommendations For versions prior to 8.0-20220907, update to version 8.0-20220907 or later to resolve the issue.

Fix

XXE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-611

Related Identifiers

CVE-2023-26264

Affected Products

Talend Data Catalog

PT-2023-20573 · Talend · Talend Data Catalog

CVE-2023-26264

Weakness Enumeration

Related Identifiers

Affected Products

References · 4