Vulnerabilities > Redhat > Drools
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-11 | CVE-2022-1415 | Deserialization of Untrusted Data vulnerability in Redhat products A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. | 8.8 |
| 2022-06-16 | CVE-2021-41411 | XXE vulnerability in Redhat Drools 6.1.0 drools <=7.59.x is affected by an XML External Entity (XXE) vulnerability in KieModuleMarshaller.java. | 9.8 |