commons-collections:commons-collections@3.0-dev2 vulnerabilities
-
latest version
3.2.2
-
latest non vulnerable version
-
first published
19 years ago
-
latest version published
8 years ago
-
licenses detected
- [1.0,20030418.083655)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the commons-collections:commons-collections package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
commons-collections:commons-collections is a library which contains types that extend and augment the Java Collections Framework. Affected versions of this package are vulnerable to Deserialization of Untrusted Data.
Versions of commons-collections prior to Versions of commons-collections from 3.2.2 onwards will throw an Note: How to fix Deserialization of Untrusted Data? Upgrade |
[,3.2.2)
|
commons-collections:commons-collections is a library which contains types that extend and augment the Java Collections Framework. Affected versions of this package are vulnerable to Deserialization of Untrusted Data. It is possible to execute arbitrary Java code with the
NOTE: This vulnerability has also been identified as: CVE-2015-7501 How to fix Deserialization of Untrusted Data? Upgrade |
[3.0,3.2.2)
|
commons-collections:commons-collections is a library which contains types that extend and augment the Java Collections Framework. Affected versions of this package are vulnerable to Deserialization of Untrusted Data. It is possible to execute arbitrary Java code with the
NOTE: This vulnerability has also been identified as: CVE-2015-4852 How to fix Deserialization of Untrusted Data? Upgrade |
[3.0,3.2.2)
|