Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
All versions before R2022-09 of Talend's Remote Engine Gen 2 are potentially vulnerable to XML External Entity (XXE) type of attacks. Users should download the R2022-09 release or later and use it in place of the previous version. Talend Remote Engine Gen 1 and Talend Cloud Engine for Design are not impacted. This XXE vulnerability could only be exploited by someone with the appropriate rights to edit pipelines on the Talend platform. It could not be triggered remotely or by other user input.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Talend Remote Engine 代码问题漏洞
Vulnerability Description
Talend Remote Engine是美国拓蓝(Talend)公司的一个远程引擎。允许您运行使用本地应用程序和数据库的作业、路由和数据服务任务。 Talend Remote Engine Gen 2 R2022-09之前版本存在代码问题漏洞。攻击者利用该漏洞执行XML外部实体(XXE)注入攻击。
CVSS Information
N/A
Vulnerability Type
N/A