Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat jbpm vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-3682
XML external entity (XXE) vulnerability in the JBPMBpmn2ResourceImpl function in designer/bpmn2/resource/JBPMBpmn2ResourceImpl.java in jbpm-designer 6.0.x and 6.2.x allows remote malicious users to read arbitrary files and possibly have other unspecified impact by importing a cra...
Redhat Jbpm-designer 6.0.0
Redhat Jbpm-designer 6.2.0
Redhat Jbpm-designer 6.0.1
NA
CVE-2014-8125
XML external entity (XXE) vulnerability in Drools and jBPM prior to 6.2.0 allows remote malicious users to read arbitrary files or possibly have other unspecified impact via a crafted BPMN2 file.
Redhat Drools
Redhat Jbpm
5.4
CVSSv3
CVE-2013-6465
Multiple cross-site scripting (XSS) vulnerabilities in JBPM KIE Workbench 6.0.x allow remote authenticated users to inject arbitrary web script or HTML via vectors related to task name html inputs.
Redhat Jbpm 6.0.0
4.3
CVSSv3
CVE-2021-20306
A flaw was found in the BPMN editor in version jBPM 7.51.0.Final. Any authenticated user from any project can see the name of Ruleflow Groups from other projects, despite the user not having access to those projects. The highest threat from this vulnerability is to confidentialit...
Redhat Process Automation 7.0
Redhat Descision Manager 7.0
Redhat Jbpm 7.51.0
NA
CVE-2010-2493
The default configuration of the deployment descriptor (aka web.xml) in picketlink-sts.war in (1) the security_saml quickstart, (2) the webservice_proxy_security quickstart, (3) the web-console application, (4) the http-invoker application, (5) the gpd-deployer application, (6) t...
Redhat Jboss Enterprise Soa Platform 4.3.0
Redhat Jboss Enterprise Soa Platform 5.0.0
Redhat Jboss Enterprise Soa Platform 4.2.0
Redhat Jboss Enterprise Soa Platform
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started