Search criteria
4 vulnerabilities found for Open Studio for MDM by Talend
CVE-2021-4311 (GCVE-0-2021-4311)
Vulnerability from cvelistv5 – Published: 2023-01-09 11:20 – Updated: 2025-04-09 19:25
VLAI?
Title
Talend Open Studio for MDM XML xml external entity reference
Summary
A vulnerability classified as problematic was found in Talend Open Studio for MDM. This vulnerability affects unknown code of the component XML Handler. The manipulation leads to xml external entity reference. The patch is identified as 31d442b9fb1d518128fd18f6e4d54e06c3d67793. It is recommended to apply a patch to fix this issue. VDB-217666 is the identifier assigned to this vulnerability.
Severity ?
5.5 (Medium)
5.5 (Medium)
CWE
- CWE-611 - XML External Entity Reference
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Talend | Open Studio for MDM |
Affected:
n/a
|
Credits
VulDB GitHub Commit Analyzer
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:23:10.354Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.217666"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.217666"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/Talend/tmdm-server-se/pull/1420"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/Talend/tmdm-server-se/commit/31d442b9fb1d518128fd18f6e4d54e06c3d67793"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-4311",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-09T19:25:50.666132Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T19:25:57.677Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"XML Handler"
],
"product": "Open Studio for MDM",
"vendor": "Talend",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "tool",
"value": "VulDB GitHub Commit Analyzer"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in Talend Open Studio for MDM. This vulnerability affects unknown code of the component XML Handler. The manipulation leads to xml external entity reference. The patch is identified as 31d442b9fb1d518128fd18f6e4d54e06c3d67793. It is recommended to apply a patch to fix this issue. VDB-217666 is the identifier assigned to this vulnerability."
},
{
"lang": "de",
"value": "In Talend Open Studio for MDM wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Das betrifft eine unbekannte Funktionalit\u00e4t der Komponente XML Handler. Durch das Beeinflussen mit unbekannten Daten kann eine xml external entity reference-Schwachstelle ausgenutzt werden. Der Patch wird als 31d442b9fb1d518128fd18f6e4d54e06c3d67793 bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.9,
"vectorString": "AV:A/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-20T13:46:51.508Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.217666"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.217666"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/Talend/tmdm-server-se/pull/1420"
},
{
"tags": [
"patch"
],
"url": "https://github.com/Talend/tmdm-server-se/commit/31d442b9fb1d518128fd18f6e4d54e06c3d67793"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-01-09T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-01-09T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-01-09T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-01-30T11:31:31.000Z",
"value": "VulDB entry last update"
}
],
"title": "Talend Open Studio for MDM XML xml external entity reference"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2021-4311",
"datePublished": "2023-01-09T11:20:22.017Z",
"dateReserved": "2023-01-09T11:19:07.872Z",
"dateUpdated": "2025-04-09T19:25:57.677Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-4818 (GCVE-0-2022-4818)
Vulnerability from cvelistv5 – Published: 2022-12-28 20:34 – Updated: 2025-04-09 20:49
VLAI?
Title
Talend Open Studio for MDM SystemStorageWrapper.java xml external entity reference
Summary
A vulnerability was found in Talend Open Studio for MDM. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file org.talend.mdm.core/src/com/amalto/core/storage/SystemStorageWrapper.java. The manipulation leads to xml external entity reference. Upgrading to version 20221220_1938 is able to address this issue. The name of the patch is 95590db2ad6a582c371273ceab1a73ad6ed47853. It is recommended to upgrade the affected component. The identifier VDB-216997 was assigned to this vulnerability.
Severity ?
5.5 (Medium)
5.5 (Medium)
CWE
- CWE-611 - XML External Entity Reference
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Talend | Open Studio for MDM |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:44.204Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://vuldb.com/?id.216997"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.216997"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/Talend/tmdm-server-se/pull/1598"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/Talend/tmdm-server-se/commit/95590db2ad6a582c371273ceab1a73ad6ed47853"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/Talend/tmdm-server-se/releases/tag/snap%2Fmaster%2F20221220_1938"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-4818",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-09T15:07:11.835541Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T20:49:13.060Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Open Studio for MDM",
"vendor": "Talend",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Talend Open Studio for MDM. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file org.talend.mdm.core/src/com/amalto/core/storage/SystemStorageWrapper.java. The manipulation leads to xml external entity reference. Upgrading to version 20221220_1938 is able to address this issue. The name of the patch is 95590db2ad6a582c371273ceab1a73ad6ed47853. It is recommended to upgrade the affected component. The identifier VDB-216997 was assigned to this vulnerability."
},
{
"lang": "de",
"value": "In Talend Open Studio for MDM wurde eine problematische Schwachstelle ausgemacht. Betroffen ist eine unbekannte Verarbeitung der Datei org.talend.mdm.core/src/com/amalto/core/storage/SystemStorageWrapper.java. Dank der Manipulation mit unbekannten Daten kann eine xml external entity reference-Schwachstelle ausgenutzt werden. Ein Aktualisieren auf die Version 20221220_1938 vermag dieses Problem zu l\u00f6sen. Der Patch wird als 95590db2ad6a582c371273ceab1a73ad6ed47853 bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-28T20:34:17.264Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.216997"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.216997"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/Talend/tmdm-server-se/pull/1598"
},
{
"tags": [
"patch"
],
"url": "https://github.com/Talend/tmdm-server-se/commit/95590db2ad6a582c371273ceab1a73ad6ed47853"
},
{
"tags": [
"patch"
],
"url": "https://github.com/Talend/tmdm-server-se/releases/tag/snap%2Fmaster%2F20221220_1938"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-12-20T00:00:00.000Z",
"value": "Countermeasure disclosed"
},
{
"lang": "en",
"time": "2022-12-28T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2022-12-28T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2022-12-28T21:39:15.000Z",
"value": "VulDB last update"
}
],
"title": "Talend Open Studio for MDM SystemStorageWrapper.java xml external entity reference"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2022-4818",
"datePublished": "2022-12-28T20:34:17.264Z",
"dateReserved": "2022-12-28T20:32:54.732Z",
"dateUpdated": "2025-04-09T20:49:13.060Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-4311 (GCVE-0-2021-4311)
Vulnerability from nvd – Published: 2023-01-09 11:20 – Updated: 2025-04-09 19:25
VLAI?
Title
Talend Open Studio for MDM XML xml external entity reference
Summary
A vulnerability classified as problematic was found in Talend Open Studio for MDM. This vulnerability affects unknown code of the component XML Handler. The manipulation leads to xml external entity reference. The patch is identified as 31d442b9fb1d518128fd18f6e4d54e06c3d67793. It is recommended to apply a patch to fix this issue. VDB-217666 is the identifier assigned to this vulnerability.
Severity ?
5.5 (Medium)
5.5 (Medium)
CWE
- CWE-611 - XML External Entity Reference
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Talend | Open Studio for MDM |
Affected:
n/a
|
Credits
VulDB GitHub Commit Analyzer
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:23:10.354Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.217666"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.217666"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/Talend/tmdm-server-se/pull/1420"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/Talend/tmdm-server-se/commit/31d442b9fb1d518128fd18f6e4d54e06c3d67793"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-4311",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-09T19:25:50.666132Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T19:25:57.677Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"XML Handler"
],
"product": "Open Studio for MDM",
"vendor": "Talend",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "tool",
"value": "VulDB GitHub Commit Analyzer"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in Talend Open Studio for MDM. This vulnerability affects unknown code of the component XML Handler. The manipulation leads to xml external entity reference. The patch is identified as 31d442b9fb1d518128fd18f6e4d54e06c3d67793. It is recommended to apply a patch to fix this issue. VDB-217666 is the identifier assigned to this vulnerability."
},
{
"lang": "de",
"value": "In Talend Open Studio for MDM wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Das betrifft eine unbekannte Funktionalit\u00e4t der Komponente XML Handler. Durch das Beeinflussen mit unbekannten Daten kann eine xml external entity reference-Schwachstelle ausgenutzt werden. Der Patch wird als 31d442b9fb1d518128fd18f6e4d54e06c3d67793 bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.9,
"vectorString": "AV:A/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-20T13:46:51.508Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.217666"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.217666"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/Talend/tmdm-server-se/pull/1420"
},
{
"tags": [
"patch"
],
"url": "https://github.com/Talend/tmdm-server-se/commit/31d442b9fb1d518128fd18f6e4d54e06c3d67793"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-01-09T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-01-09T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-01-09T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-01-30T11:31:31.000Z",
"value": "VulDB entry last update"
}
],
"title": "Talend Open Studio for MDM XML xml external entity reference"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2021-4311",
"datePublished": "2023-01-09T11:20:22.017Z",
"dateReserved": "2023-01-09T11:19:07.872Z",
"dateUpdated": "2025-04-09T19:25:57.677Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-4818 (GCVE-0-2022-4818)
Vulnerability from nvd – Published: 2022-12-28 20:34 – Updated: 2025-04-09 20:49
VLAI?
Title
Talend Open Studio for MDM SystemStorageWrapper.java xml external entity reference
Summary
A vulnerability was found in Talend Open Studio for MDM. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file org.talend.mdm.core/src/com/amalto/core/storage/SystemStorageWrapper.java. The manipulation leads to xml external entity reference. Upgrading to version 20221220_1938 is able to address this issue. The name of the patch is 95590db2ad6a582c371273ceab1a73ad6ed47853. It is recommended to upgrade the affected component. The identifier VDB-216997 was assigned to this vulnerability.
Severity ?
5.5 (Medium)
5.5 (Medium)
CWE
- CWE-611 - XML External Entity Reference
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Talend | Open Studio for MDM |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:55:44.204Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://vuldb.com/?id.216997"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.216997"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/Talend/tmdm-server-se/pull/1598"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/Talend/tmdm-server-se/commit/95590db2ad6a582c371273ceab1a73ad6ed47853"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/Talend/tmdm-server-se/releases/tag/snap%2Fmaster%2F20221220_1938"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-4818",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-09T15:07:11.835541Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T20:49:13.060Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Open Studio for MDM",
"vendor": "Talend",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Talend Open Studio for MDM. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file org.talend.mdm.core/src/com/amalto/core/storage/SystemStorageWrapper.java. The manipulation leads to xml external entity reference. Upgrading to version 20221220_1938 is able to address this issue. The name of the patch is 95590db2ad6a582c371273ceab1a73ad6ed47853. It is recommended to upgrade the affected component. The identifier VDB-216997 was assigned to this vulnerability."
},
{
"lang": "de",
"value": "In Talend Open Studio for MDM wurde eine problematische Schwachstelle ausgemacht. Betroffen ist eine unbekannte Verarbeitung der Datei org.talend.mdm.core/src/com/amalto/core/storage/SystemStorageWrapper.java. Dank der Manipulation mit unbekannten Daten kann eine xml external entity reference-Schwachstelle ausgenutzt werden. Ein Aktualisieren auf die Version 20221220_1938 vermag dieses Problem zu l\u00f6sen. Der Patch wird als 95590db2ad6a582c371273ceab1a73ad6ed47853 bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-28T20:34:17.264Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.216997"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.216997"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/Talend/tmdm-server-se/pull/1598"
},
{
"tags": [
"patch"
],
"url": "https://github.com/Talend/tmdm-server-se/commit/95590db2ad6a582c371273ceab1a73ad6ed47853"
},
{
"tags": [
"patch"
],
"url": "https://github.com/Talend/tmdm-server-se/releases/tag/snap%2Fmaster%2F20221220_1938"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-12-20T00:00:00.000Z",
"value": "Countermeasure disclosed"
},
{
"lang": "en",
"time": "2022-12-28T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2022-12-28T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2022-12-28T21:39:15.000Z",
"value": "VulDB last update"
}
],
"title": "Talend Open Studio for MDM SystemStorageWrapper.java xml external entity reference"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2022-4818",
"datePublished": "2022-12-28T20:34:17.264Z",
"dateReserved": "2022-12-28T20:32:54.732Z",
"dateUpdated": "2025-04-09T20:49:13.060Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}