Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat jboss drools - vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2010-3708
The serialization implementation in JBoss Drools in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3 prior to 4.3.0.CP09 and JBoss Enterprise SOA Platform 4.2 and 4.3 supports the embedding of class files, which allows remote malicious users to execute a...
Redhat Jboss Enterprise Application Platform 4.3.0
Redhat Jboss Enterprise Soa Platform 4.2.0
Redhat Jboss Enterprise Soa Platform 4.3.0
6.5
CVSSv2
CVE-2013-6468
JBoss Drools, Red Hat JBoss BRMS prior to 6.0.1, and Red Hat JBoss BPM Suite prior to 6.0.1 allows remote authenticated users to execute arbitrary Java code via a (1) MVFLEX Expression Language (MVEL) or (2) Drools expression.
Redhat Jboss Enterprise Brms Platform 6.0.0
Redhat Jboss Bpm Suite 6.0.0
Redhat Jboss Drools -
NA
CVE-2022-1415
A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. This flaw allows an authenticated malicious user to construct malicious serialized objects (usually called gadgets) and achieve code execution on the server.
Redhat Decision Manager 7.0
Redhat Process Automation 7.0
Redhat Jboss Middleware Text-only Advisories -
Redhat Drools 7.69.0
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started