CVE-2022-4818
Summary
| CVE | CVE-2022-4818 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-12-28 21:15:00 UTC |
| Updated | 2023-11-07 03:58:00 UTC |
| Description | A vulnerability was found in Talend Open Studio for MDM. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file org.talend.mdm.core/src/com/amalto/core/storage/SystemStorageWrapper.java. The manipulation leads to xml external entity reference. Upgrading to version 20221220_1938 is able to address this issue. The name of the patch is 95590db2ad6a582c371273ceab1a73ad6ed47853. It is recommended to upgrade the affected component. The identifier VDB-216997 was assigned to this vulnerability. |
Risk And Classification
Problem Types: CWE-611
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Talend | Open Studio For Mdm | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| TMDM-15304 [CVE] - Fix XXE Vulnerabilities In MDM by hw-zhu · Pull Request #1598 · Talend/tmdm-server-se · GitHub | MISC | github.com | |
| TMDM-15304 [CVE] - Fix XXE Vulnerabilities In MDM (#1598) · Talend/tmdm-server-se@95590db · GitHub | MISC | github.com | |
| Release snap/master/20221220_1938 · Talend/tmdm-server-se · GitHub | MISC | github.com | |
| CVE-2022-4818 | Talend Open Studio for MDM SystemStorageWrapper.java xml external entity reference (ID 1598) | MISC | vuldb.com | |
| CVE-2022-4818 | Talend Open Studio for MDM SystemStorageWrapper.java xml external entity reference (ID 1598) | MISC | vuldb.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.