Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat jboss drools - vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-1415
A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. This flaw allows an authenticated malicious user to construct malicious serialized objects (usually called gadgets) and achieve code execution on the server.
Redhat Decision Manager 7.0
Redhat Process Automation 7.0
Redhat Jboss Middleware Text-only Advisories -
Redhat Drools 7.69.0
1 Github repository
NA
CVE-2013-6468
JBoss Drools, Red Hat JBoss BRMS prior to 6.0.1, and Red Hat JBoss BPM Suite prior to 6.0.1 allows remote authenticated users to execute arbitrary Java code via a (1) MVFLEX Expression Language (MVEL) or (2) Drools expression.
Redhat Jboss Bpm Suite 6.0.0
Redhat Jboss Enterprise Brms Platform 6.0.0
Redhat Jboss Drools -
NA
CVE-2010-3708
The serialization implementation in JBoss Drools in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3 prior to 4.3.0.CP09 and JBoss Enterprise SOA Platform 4.2 and 4.3 supports the embedding of class files, which allows remote malicious users to execute a...
Redhat Jboss Enterprise Application Platform 4.3.0
Redhat Jboss Enterprise Soa Platform 4.3.0
Redhat Jboss Enterprise Soa Platform 4.2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started