5 matches found
SUSE CVE-2021-41411
drools =7.59.x is affected by an XML External Entity (XXE) vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability...
The vulnerability of the Drools business rule management system lies in the ability to restore unreliable data in memory, allowing an attacker to execute arbitrary code.
The vulnerability of the Drools business rules management system is related to the restoration of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
drools code issue vulnerability
drools is an open source business rules management system from KIE: an open source rules engine, DMN engine and Complex Event Processing (CEP) engine for the Java and JVM platforms. drools has a security vulnerability that stems from its insecure data deserialization...
Drools: Remote Java Code Execution in MVEL
JBoss Drools, Red Hat JBoss BRMS before 6.0.1, and Red Hat JBoss BPM Suite before 6.0.1 allow remote authenticated users to execute arbitrary Java code via a (1) MVFLEX Expression Language (MVEL) or (2) Drools expression...
JBoss drools deserialization remote code execution
The serialization implementation in JBoss Drools in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3 before 4.3.0.CP09 and JBoss Enterprise SOA Platform 4.2 and 4.3 supports the embedding of class files, which allows remote attackers to execute arbitrary code via a crafted...