High

DATE	CVE	VULNERABILITY TITLE	RISK
2015-04-21	CVE-2014-8125	XML External Entity Information Disclosure vulnerability in jBPM and Drools XML external entity (XXE) vulnerability in Drools and jBPM before 6.2.0 allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted BPMN2 file. network low complexity redhat	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.