CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-1415 – Drools: unsafe data deserialization in streamutils
https://notcve.org/view.php?id=CVE-2022-1415
A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. This flaw allows an authenticated attacker to construct malicious serialized objects (usually called gadgets) and achieve code execution on the server. Se encontró una falla en la que algunas clases de utilidad en el núcleo de Drools no usaban las medidas de seguridad adecuadas al deserializar datos. Esta falla permite a un atacante autenticado construir objetos serializados maliciosos (generalmente llamados gadgets) y lograr la ejecución de código en el servidor. • https://access.redhat.com/errata/RHSA-2022:6813 https://access.redhat.com/security/cve/CVE-2022-1415 https://bugzilla.redhat.com/show_bug.cgi?id=2065505 • CWE-502: Deserialization of Untrusted Data •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-41411
https://notcve.org/view.php?id=CVE-2021-41411
drools <=7.59.x is affected by an XML External Entity (XXE) vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability. drools versiones anteriores a7.59.x incluyéndola, está afectado por una vulnerabilidad de tipo XML External Entity (XXE) en KieModuleMarshaller.java. La clase Validator no es usada correctamente, resultando en una vulnerabilidad de inyección XXE • https://github.com/kiegroup/drools/pull/3808 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-7041 – Workbench: Path traversal vulnerability
https://notcve.org/view.php?id=CVE-2016-7041
Drools Workbench contains a path traversal vulnerability. The vulnerability allows a remote, authenticated attacker to bypass the directory restrictions and retrieve arbitrary files from the affected host. Drools Workbench contiene una vulnerabilidad de salto de directorio. La vulnerabilidad permite que un atacante autenticado remoto omita las restricciones del directorio y recupere archivos arbitrarios desde el host afectado Drools Workbench contains the path traversal vulnerability. The vulnerability allows a remote, authenticated attacker to bypass the directory restrictions and retrieve arbitrary files from the affected host. • http://rhn.redhat.com/errata/RHSA-2016-2822.html http://rhn.redhat.com/errata/RHSA-2016-2823.html http://rhn.redhat.com/errata/RHSA-2016-2937.html http://rhn.redhat.com/errata/RHSA-2016-2938.html http://www.securityfocus.com/bid/94566 http://www.securitytracker.com/id/1037406 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7041 https://access.redhat.com/security/cve/CVE-2016-7041 https://bugzilla.redhat.com/show_bug.cgi?id=1375757 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2014-8125 – jBPM: BPMN2 file processing XXE in Process Execution
https://notcve.org/view.php?id=CVE-2014-8125
XML external entity (XXE) vulnerability in Drools and jBPM before 6.2.0 allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted BPMN2 file. Vulnerabilidad de entidad externa XML (XXE) en Drools and jBPM anterior a 6.2.0 permite a atacantes remotos leer ficheros arbitrarios o posiblemente tener otro impacto no especificado a través de un fichero BPMN2 manipulado. It was discovered that the jBPM runtime performed expansion of external parameter entities while executing BPMN2 files. A remote attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XML eXternal Entity (XXE) attacks. • http://rhn.redhat.com/errata/RHSA-2015-0850.html http://rhn.redhat.com/errata/RHSA-2015-0851.html https://bugzilla.redhat.com/show_bug.cgi?id=1169553 https://github.com/droolsjbpm/drools/commit/c48464c3b246e6ef0d4cd0dbf67e83ccd532c6d3 https://github.com/droolsjbpm/jbpm/commit/713e8073ecf45623cfc5c918c5cbf700203f46e5 https://access.redhat.com/security/cve/CVE-2014-8125 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2013-6468 – Drools: Remote Java Code Execution in MVEL
https://notcve.org/view.php?id=CVE-2013-6468
JBoss Drools, Red Hat JBoss BRMS before 6.0.1, and Red Hat JBoss BPM Suite before 6.0.1 allows remote authenticated users to execute arbitrary Java code via a (1) MVFLEX Expression Language (MVEL) or (2) Drools expression. JBoss Drools, Red Hat JBoss BRMS anterior a 6.0.1 y Red Hat JBoss BPM Suite anterior a 6.0.1 permite a usuarios remotos autenticados ejecutar código Java arbitrario a través de una expresión (1) MVFLEX Expression Language (MVEL) o (2) Drools • http://rhn.redhat.com/errata/RHSA-2014-0371.html http://rhn.redhat.com/errata/RHSA-2014-0372.html http://secunia.com/advisories/57716 http://secunia.com/advisories/57719 https://access.redhat.com/security/cve/CVE-2013-6468 https://bugzilla.redhat.com/show_bug.cgi?id=1051261 • CWE-94: Improper Control of Generation of Code ('Code Injection') •