Lucene search
K

6 matches found

NVD
NVD
added 2023/09/11 9:15 p.m.34 views

CVE-2022-1415

A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. This flaw allows an authenticated attacker to construct malicious serialized objects usually called gadgets and achieve code execution on the server...

8.8CVSS8.4AI score0.01044EPSS
Exploits0References3
CVE
CVE
added 2023/09/11 8:20 p.m.229 views

CVE-2022-1415

CVE-2022-1415 corresponds to Drools core deserialization vulnerability. Affected component: KIE Drools (Drools core) where improper safeguards during data deserialization allow an authenticated attacker to craft serialized objects (gadgets) and execute arbitrary code on the server. Documented imp...

8.8CVSS8.3AI score0.01044EPSS
Exploits0References3Affected Software4
Cvelist
Cvelist
added 2023/09/11 8:20 p.m.56 views

CVE-2022-1415 Drools: unsafe data deserialization in streamutils

A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. This flaw allows an authenticated attacker to construct malicious serialized objects usually called gadgets and achieve code execution on the server...

8.1CVSS8.9AI score0.01044EPSS
Exploits0References3
OSV
OSV
added 2023/09/11 8:20 p.m.33 views

CVE-2022-1415 Drools: unsafe data deserialization in streamutils

A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. This flaw allows an authenticated attacker to construct malicious serialized objects usually called gadgets and achieve code execution on the server...

8.1CVSS7.2AI score0.01044EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:33 a.m.4 views

SUSE CVE-2022-1415

A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. This flaw allows an authenticated attacker to construct malicious serialized objects usually called gadgets and achieve code execution on the server...

6.8CVSS8.3AI score0.01044EPSS
Exploits0References9
OSV
OSV
added 2023/02/10 2:6 p.m.5 views

SUSE-SU-2023:0345-1 Security update for SUSE Manager Server 4.3

This update fixes the following issues: cobbler: - Improve Cobbler performance with item cache and threadpool bsc1205489 - Skip collections that are inconsistent instead of crashing bsc1205749 - Add new 'cobbler-tests-containers' subpackage which contains setup and configuration files to run...

8.8CVSS8.9AI score0.01044EPSS
Exploits0References47
Rows per page
Query Builder