pkg:maven/org.drools/drools-core
Type
maven
Namespace
org.drools
Name
drools-core
Known advisories, vulnerabilities and fixes for org.drools/drools-core package.
Critical
1
High
2
Moderate
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | <= 6.2.0.CR4 |
CVE-2014-8125
|
MAVEN:GHSA-6QX9-RF9G-7JMR | Improper Input Validation in Drools and jBPM | high |
2022-05-17T04:12:57
(2 years ago) |
|
Fixed | = 6.2.0.Final |
CVE-2014-8125
|
MAVEN:GHSA-6QX9-RF9G-7JMR | Improper Input Validation in Drools and jBPM | high |
2022-05-17T04:12:57
(2 years ago) |
|
Affected | < 7.69.0.Final |
CVE-2022-1415
|
MAVEN:GHSA-M5Q8-58WH-XXQ4 | Drools Core Deserialization of Untrusted Data vulnerability | moderate |
2023-09-11T21:30:17
(12 months ago) |
|
Fixed | = 7.69.0.Final |
CVE-2022-1415
|
MAVEN:GHSA-M5Q8-58WH-XXQ4 | Drools Core Deserialization of Untrusted Data vulnerability | moderate |
2023-09-11T21:30:17
(12 months ago) |
|
Affected | < 4.0.7 |
CVE-2010-3708
|
MAVEN:GHSA-QVQ6-CW53-RMWG | Drools Improper Input Validation vulnerability allows remote attackers to execute arbitrary code in JBoss EAP | high |
2022-05-17T05:45:03
(2 years ago) |
|
Fixed | = 4.0.7 |
CVE-2010-3708
|
MAVEN:GHSA-QVQ6-CW53-RMWG | Drools Improper Input Validation vulnerability allows remote attackers to execute arbitrary code in JBoss EAP | high |
2022-05-17T05:45:03
(2 years ago) |
|
Affected | <= 7.59.0.Final |
CVE-2021-41411
|
MAVEN:GHSA-RC57-9R3X-98CQ | XML External Entity Reference in drools | critical |
2022-06-17T00:01:28
(2 years ago) |
|
Fixed | = 7.60.0.Final |
CVE-2021-41411
|
MAVEN:GHSA-RC57-9R3X-98CQ | XML External Entity Reference in drools | critical |
2022-06-17T00:01:28
(2 years ago) |