Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Decision_manager
(Redhat)Repositories |
• https://github.com/FasterXML/jackson-databind
• https://github.com/kiegroup/jbpm-designer |
#Vulnerabilities | 20 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-01-02 | CVE-2019-14863 | There is a vulnerability in all angular versions before 1.5.0-beta.0, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it. | Angular\.js, Decision_manager, Process_automation | N/A | ||
2018-07-26 | CVE-2017-7545 | It was discovered that the XmlUtils class in jbpmmigration 6.5 performed expansion of external parameter entities while parsing XML files. A remote attacker could use this flaw to read files accessible to the user running the application server and, potentially, perform other more advanced XML eXternal Entity (XXE) attacks. | Decision_manager, Jboss_bpm_suite, Jbpm | 6.5 |