Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Filtered by product Jboss Drools
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-7041 1 Redhat 2 Jboss Brms, Jboss Drools 2024-11-21 6.8 MEDIUM 6.5 MEDIUM
Drools Workbench contains a path traversal vulnerability. The vulnerability allows a remote, authenticated attacker to bypass the directory restrictions and retrieve arbitrary files from the affected host.
CVE-2013-6468 1 Redhat 3 Jboss Bpm Suite, Jboss Drools, Jboss Enterprise Brms Platform 2024-11-21 6.5 MEDIUM N/A
JBoss Drools, Red Hat JBoss BRMS before 6.0.1, and Red Hat JBoss BPM Suite before 6.0.1 allows remote authenticated users to execute arbitrary Java code via a (1) MVFLEX Expression Language (MVEL) or (2) Drools expression.