Drools Security Vulnerabilities - CVSS Score 9 - 10

cve

CVE-2021-41411

drools <=7.59.x is affected by an XML External Entity (XXE) vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability.

9.8CVSS

9.5AI Score

0.002EPSS

2022-06-16 10:15 AM