EUVD-2023-35752

Malicious code in bioql PyPI...

CVE-2023-31444

In Talend Studio before 7.3.1-R2022-10 and 8.x before 8.0.1-R2022-09, microservices allow unauthenticated access to the Jolokia endpoint of the microservice. This allows for remote access to the JVM via the Jolokia JMX-HTTP bridge...

The vulnerability of the Jolokia Endpoint component of the Apache ActiveMQ Artemis software platform allows a hacker to write arbitrary files.

The vulnerability of the Jolokia Endpoint component of the Apache ActiveMQ software platform is related to improper authentication. Exploiting this vulnerability allows a malicious actor to write arbitrary files...

Improper Authorization

org.apache.activemq:artemis-cli is vulnerable to Improper Authorization. The vulnerability is due to exposure of the Log4J2 MBean through the authenticated Jolokia endpoint, allowing authenticated attackers to write arbitrary files to the filesystem...

PT-2023-9583

Name of the Vulnerable Software and Affected Versions Apache ActiveMQ Artemis versions prior to 2.29.0 Description The issue is related to the exposure of diagnostic information and controls through MBeans, which are also accessible through the authenticated Jolokia endpoint. This includes the...

CVE-2023-31444

In Talend Studio before 7.3.1-R2022-10 and 8.x before 8.0.1-R2022-09, microservices allow unauthenticated access to the Jolokia endpoint of the microservice. This allows for remote access to the JVM via the Jolokia JMX-HTTP bridge...

CVE-2023-31444

In Talend Studio before 7.3.1-R2022-10 and 8.x before 8.0.1-R2022-09, microservices allow unauthenticated access to the Jolokia endpoint of the microservice. This allows for remote access to the JVM via the Jolokia JMX-HTTP bridge...

CVE-2023-31444

CVE-2023-31444 – Talend Studio Jolokia exposure : Affects Talend Studio versions before 7.3.1-R2022-10 and 8.x before 8.0.1-R2022-09. The issue is an unauthenticated access vulnerability to the Jolokia endpoint of Talend microservices, enabling remote JVM access via the Jolokia JMX-HTTP bridge. T...

Talend Studio 安全漏洞

Talend Studio is a software application from Talend, Inc. A security vulnerability exists in Talend Studio versions prior to 7.3.1-R2022-10 and 8.x versions prior to 8.0.1-R2022-09, which stems from a vulnerability that allows unauthenticated access to the Jolokia endpoint for microservices...

CVE-2023-31444

In Talend Studio before 7.3.1-R2022-10 and 8.x before 8.0.1-R2022-09, microservices allow unauthenticated access to the Jolokia endpoint of the microservice. This allows for remote access to the JVM via the Jolokia JMX-HTTP bridge...

PT-2023-23331 · Talend · Talend Studio

Name of the Vulnerable Software and Affected Versions: Talend Studio versions prior to 7.3.1-R2022-10 Talend Studio versions 8.x prior to 8.0.1-R2022-09 Description: The issue allows unauthenticated access to the Jolokia endpoint of the microservice, enabling remote access to the JVM via the...

CVE-2023-31444

In Talend Studio before 7.3.1-R2022-10 and 8.x before 8.0.1-R2022-09, microservices allow unauthenticated access to the Jolokia endpoint of the microservice. This allows for remote access to the JVM via the Jolokia JMX-HTTP bridge...

CVE-2021-40684

Talend ESB Runtime in all versions from 5.1 to 7.3.1-R2021-09, 7.2.1-R2021-09, 7.1.1-R2021-09, has an unauthenticated Jolokia HTTP endpoint which allows remote access to the JMX of the runtime container, which would allow an attacker the ability to read or modify the container or software running...