Redhat Drools
3 CVEs affecting Redhat Drools. Latest disclosed: 2023-09-11. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2021-41411 | Critical | 9.8 | 2022-06-16 | drools <=7.59.x is affected by an XML External Entity (XXE) vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in… |
| CVE-2022-1415 | High | 8.1 | 2023-09-11 | A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. This flaw allows an authenticated attacker to… |
| CVE-2014-8125 | | | 2015-04-21 | XML external entity (XXE) vulnerability in Drools and jBPM before 6.2.0 allows remote attackers to read arbitrary files or possibly have other unspecified impa… |