EUVD-2022-6146

Malicious code in bioql PyPI...

SUSE CVE-2021-41411

drools =7.59.x is affected by an XML External Entity XXE vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability...

XML External Entity (XXE)

Drools Compiler is vulnerable to xml external entity. The vulnerability exists in validate function in KieModuleMarshaller.java due to incorrect use of Validator class which allows an attacker to submit a malicious XML document to perform requests on behalf of the server...

GHSA-RC57-9R3X-98CQ XML External Entity Reference in drools

drools =7.59.x is affected by an XML External Entity XXE vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability...

XML External Entity Reference in drools

drools =7.59.x is affected by an XML External Entity XXE vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability...

CVE-2021-41411

drools =7.59.x is affected by an XML External Entity XXE vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability...

CVE-2021-41411

CVE-2021-41411 is a XML External Entity (XXE) vulnerability in Drools (affecting Drools

PT-2022-11391 · Drools +1 · Drools +1

Name of the Vulnerable Software and Affected Versions: drools versions prior to 7.60 Description: The issue is related to an XML External Entity XXE vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability. Recommendations:...