Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat jbpm vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2014-8125
XML external entity (XXE) vulnerability in Drools and jBPM prior to 6.2.0 allows remote malicious users to read arbitrary files or possibly have other unspecified impact via a crafted BPMN2 file.
Redhat Drools
Redhat Jbpm
7.5
CVSSv2
CVE-2014-3682
XML external entity (XXE) vulnerability in the JBPMBpmn2ResourceImpl function in designer/bpmn2/resource/JBPMBpmn2ResourceImpl.java in jbpm-designer 6.0.x and 6.2.x allows remote malicious users to read arbitrary files and possibly have other unspecified impact by importing a cra...
Redhat Jbpm-designer 6.0.0
Redhat Jbpm-designer 6.2.0
Redhat Jbpm-designer 6.0.1
5
CVSSv2
CVE-2010-2493
The default configuration of the deployment descriptor (aka web.xml) in picketlink-sts.war in (1) the security_saml quickstart, (2) the webservice_proxy_security quickstart, (3) the web-console application, (4) the http-invoker application, (5) the gpd-deployer application, (6) t...
Redhat Jboss Enterprise Soa Platform 4.3.0
Redhat Jboss Enterprise Soa Platform 5.0.0
Redhat Jboss Enterprise Soa Platform 4.2.0
Redhat Jboss Enterprise Soa Platform
4
CVSSv2
CVE-2021-20306
A flaw was found in the BPMN editor in version jBPM 7.51.0.Final. Any authenticated user from any project can see the name of Ruleflow Groups from other projects, despite the user not having access to those projects. The highest threat from this vulnerability is to confidentialit...
Redhat Process Automation 7.0
Redhat Descision Manager 7.0
Redhat Jbpm 7.51.0
3.5
CVSSv2
CVE-2013-6465
Multiple cross-site scripting (XSS) vulnerabilities in JBPM KIE Workbench 6.0.x allow remote authenticated users to inject arbitrary web script or HTML via vectors related to task name html inputs.
Redhat Jbpm 6.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started