Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Decision_manager
(Redhat)| Repositories |
• https://github.com/FasterXML/jackson-databind
• https://github.com/kiegroup/jbpm-designer |
| #Vulnerabilities | 20 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-07-26 | CVE-2017-7545 | It was discovered that the XmlUtils class in jbpmmigration 6.5 performed expansion of external parameter entities while parsing XML files. A remote attacker could use this flaw to read files accessible to the user running the application server and, potentially, perform other more advanced XML eXternal Entity (XXE) attacks. | Decision_manager, Jboss_bpm_suite, Jbpm | 6.5 |