Vulnerabilities (CVE)

Filtered by vendor Talend Subscribe
Filtered by product Esb Runtime
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-45589 1 Talend 1 Esb Runtime 2024-11-21 N/A 7.2 HIGH
All versions before 8.0.1-R2022-10-RT and 7.3.1-R2022-09-RT of the Talend ESB Runtime are potentially vulnerable to SQL Injection attacks in the provisioning service only. Users of the provisioning service should upgrade to either 8.0.1-R2022-10-RT or 7.3.1-R2022-09-RT or a later release and use it in place of the previous version.
CVE-2021-40684 1 Talend 1 Esb Runtime 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
Talend ESB Runtime in all versions from 5.1 to 7.3.1-R2021-09, 7.2.1-R2021-09, 7.1.1-R2021-09, has an unauthenticated Jolokia HTTP endpoint which allows remote access to the JMX of the runtime container, which would allow an attacker the ability to read or modify the container or software running in the container.