VYPR

Jboss Drools

by Red Hat

Source repositories

CVEs (2)

  • CVE-2014-8125Apr 21, 2015
    risk 0.00cvss epss 0.03

    XML external entity (XXE) vulnerability in Drools and jBPM before 6.2.0 allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted BPMN2 file.

  • CVE-2013-6468Apr 10, 2014
    risk 0.00cvss epss 0.02

    JBoss Drools, Red Hat JBoss BRMS before 6.0.1, and Red Hat JBoss BPM Suite before 6.0.1 allows remote authenticated users to execute arbitrary Java code via a (1) MVFLEX Expression Language (MVEL) or (2) Drools expression.