Lucene search
K

5 matches found

Github Security Blog
Github Security Blog
added 2022/05/17 4:12 a.m.43 views

Improper Input Validation in Drools and jBPM

XML external entity XXE vulnerability in Drools and jBPM before 6.2.0 allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted BPMN2 file...

7.5CVSS6.8AI score0.02655EPSS
Exploits0References7Affected Software2
Cvelist
Cvelist
added 2015/04/21 5:0 p.m.29 views

CVE-2014-8125

XML external entity XXE vulnerability in Drools and jBPM before 6.2.0 allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted BPMN2 file...

7AI score0.02655EPSS
Exploits0References5
NVD
NVD
added 2015/02/20 4:59 p.m.17 views

CVE-2014-3682

XML external entity XXE vulnerability in the JBPMBpmn2ResourceImpl function in designer/bpmn2/resource/JBPMBpmn2ResourceImpl.java in jbpm-designer 6.0.x and 6.2.x allows remote attackers to read arbitrary files and possibly have other unspecified impact by importing a crafted BPMN2 file...

7.5CVSS6.8AI score0.02886EPSS
Exploits0References6
Prion
Prion
added 2015/02/20 4:59 p.m.15 views

Xxe

XML external entity XXE vulnerability in the JBPMBpmn2ResourceImpl function in designer/bpmn2/resource/JBPMBpmn2ResourceImpl.java in jbpm-designer 6.0.x and 6.2.x allows remote attackers to read arbitrary files and possibly have other unspecified impact by importing a crafted BPMN2 file...

7.5CVSS7.4AI score0.02886EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2015/02/20 4:0 p.m.17 views

CVE-2014-3682

XML external entity XXE vulnerability in the JBPMBpmn2ResourceImpl function in designer/bpmn2/resource/JBPMBpmn2ResourceImpl.java in jbpm-designer 6.0.x and 6.2.x allows remote attackers to read arbitrary files and possibly have other unspecified impact by importing a crafted BPMN2 file...

6.8AI score0.02886EPSS
Exploits0References6
Rows per page
Query Builder