Vulnerability in Redhat Drools
CVE-2014-8125
XML external entity (XXE) vulnerability in Drools and jBPM before 6.2.0 allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted BPMN2 file.
EPSS: 0.027 (83.7th percentile) — read the EPSS interpretation.
Affected products
- Redhat Drools
- Redhat Jbpm
- N/a — versions n/a
References
- secalert@redhat.com (x_refsource_CONFIRM)
- secalert@redhat.com (x_refsource_REDHAT, vendor-advisory)
- secalert@redhat.com (x_refsource_CONFIRM)
- secalert@redhat.com (x_refsource_CONFIRM)
- secalert@redhat.com (x_refsource_REDHAT, vendor-advisory)