EUVD-2023-2544

Malicious code in bioql PyPI...

GHSA-M5Q8-58WH-XXQ4 Drools Core Deserialization of Untrusted Data vulnerability

A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. This flaw allows an authenticated attacker to construct malicious serialized objects usually called gadgets and achieve code execution on the server...

SUSE CVE-2022-1415

A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. This flaw allows an authenticated attacker to construct malicious serialized objects usually called gadgets and achieve code execution on the server...

CVE-2022-1415

A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. This flaw allows an authenticated attacker to construct malicious serialized objects usually called gadgets and achieve code execution on the server...

PT-2022-5284 · Drools +1 · Drools +1

Name of the Vulnerable Software and Affected Versions: Drools affected versions not specified Description: A flaw was found in Drools core where some utility classes did not use proper safeguards when deserializing data. This allows an authenticated attacker to construct malicious serialized...