6 matches found
CVE-2022-1415
A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. This flaw allows an authenticated attacker to construct malicious serialized objects usually called gadgets and achieve code execution on the server...
CVE-2022-1415
CVE-2022-1415 corresponds to Drools core deserialization vulnerability. Affected component: KIE Drools (Drools core) where improper safeguards during data deserialization allow an authenticated attacker to craft serialized objects (gadgets) and execute arbitrary code on the server. Documented imp...
CVE-2022-1415 Drools: unsafe data deserialization in streamutils
A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. This flaw allows an authenticated attacker to construct malicious serialized objects usually called gadgets and achieve code execution on the server...
CVE-2022-1415 Drools: unsafe data deserialization in streamutils
A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. This flaw allows an authenticated attacker to construct malicious serialized objects usually called gadgets and achieve code execution on the server...
SUSE CVE-2022-1415
A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. This flaw allows an authenticated attacker to construct malicious serialized objects usually called gadgets and achieve code execution on the server...
SUSE-SU-2023:0345-1 Security update for SUSE Manager Server 4.3
This update fixes the following issues: cobbler: - Improve Cobbler performance with item cache and threadpool bsc1205489 - Skip collections that are inconsistent instead of crashing bsc1205749 - Add new 'cobbler-tests-containers' subpackage which contains setup and configuration files to run...