Lucene search
K

4 matches found

vulnersOsv
vulnersOsv
added 2022/05/17 4:12 a.m.3 views

com.geeoz.atom:atom-api (>=1.0d12 <=1.0d31), com.geeoz.atom:atom-kie (=1.0d31) +36 more potentially affected by CVE-2014-8125 via org.jbpm:jbpm-bpmn2 (>=5.1.0.Final <=6.2.0.CR4)

org.jbpm:jbpm-bpmn2 MAVEN version =5.1.0.Final, =1.0d12, =1.0d30, =1.0d18, =1.0d12, =1.0d12, =0.2, =1.1.0.17-1, =0.5.0, =0.5.0, =0.5.4 and more Source cves: CVE-2014-8125 Source advisory: OSV:GHSA-6QX9-RF9G-7JMR...

7.5CVSS5.8AI score0.02655EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/05 9:1 p.m.15 views

Security Bulletin: XXE Vulnerability in Drools Affects IBM Sterling B2B Integrator (CVE-2014-8125)

Summary IBM Sterling B2B Integrator has addressed the security vulnerability. Vulnerability Details CVEID: CVE-2014-8125 DESCRIPTION: Drools and jBPM could allow a remote attacker to obtain sensitive information, caused by an XML External Entity Injection XXE error within the jBPM runtime. By...

7.5CVSS6.1AI score0.02655EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2015/04/21 5:0 p.m.29 views

CVE-2014-8125

XML external entity XXE vulnerability in Drools and jBPM before 6.2.0 allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted BPMN2 file...

7AI score0.02655EPSS
Exploits0References5
CVE
CVE
added 2015/04/21 5:0 p.m.92 views

CVE-2014-8125

CVE-2014-8125 is an XXE vulnerability in Drools and jBPM that, before version 6.2.0, allows remote attackers to read arbitrary files via a crafted BPMN2 file. Affected: Drools/jBPM runtimes; root cause: XML External Entity processing in BPMN2 handling. Impact per sources: potential file disclosur...

7.5CVSS7.1AI score0.02655EPSS
Exploits0References5Affected Software2
Rows per page
Query Builder