Title: commons-dbcp-1.4.jar: 1 vulnerabilities (highest severity is: 9.8) [master] · Issue #42 · amaybaum-dev/BenchmarkJava · GitHub
Open Graph Title: commons-dbcp-1.4.jar: 1 vulnerabilities (highest severity is: 9.8) [master] · Issue #42 · amaybaum-dev/BenchmarkJava
X Title: commons-dbcp-1.4.jar: 1 vulnerabilities (highest severity is: 9.8) [master] · Issue #42 · amaybaum-dev/BenchmarkJava
Description: 📂 Vulnerable Library - commons-dbcp-1.4.jar Commons Database Connection Pooling Path to dependency file: /pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-dbcp/commons-dbcp/1.4/commons-dbcp-1.4.jar Findings Fi...
Open Graph Description: 📂 Vulnerable Library - commons-dbcp-1.4.jar Commons Database Connection Pooling Path to dependency file: /pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-dbcp/commons-d...
X Description: 📂 Vulnerable Library - commons-dbcp-1.4.jar Commons Database Connection Pooling Path to dependency file: /pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-dbcp/commons-d...
Opengraph URL: https://github.com/amaybaum-dev/BenchmarkJava/issues/42
X: @github
Domain: github.com
{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"commons-dbcp-1.4.jar: 1 vulnerabilities (highest severity is: 9.8) [master]","articleBody":"\u003cdetails\u003e\n \u003csummary\u003e📂 Vulnerable Library - \u003cstrong\u003ecommons-dbcp-1.4.jar\u003c/strong\u003e\u003c/summary\u003e\n\nCommons Database Connection Pooling\n\n\n\n**Path to dependency file:** /pom.xml\n\n**Path to vulnerable library:** /home/wss-scanner/.m2/repository/commons-dbcp/commons-dbcp/1.4/commons-dbcp-1.4.jar\n\n\n\u003c/details\u003e\n\n\n# Findings\n| Finding | Severity | 🎯 CVSS | Exploit Maturity | EPSS | Library | Type | Fixed in | Remediation Available | **Reachability** |\n| ------------- | ------------- | ---- | --- | ----- | ----- | ----- | --- | --- | --- |\n| [ CVE-853521-722872 ](https://www.mend.io/vulnerability-database/CVE-853521-722872) | 🟣 Critical | 9.8 | N/A | N/A | commons-pool-1.5.4.jar | Transitive | N/A | ❌ | |\n\n\n# Details\n\n\n\u003cdetails\u003e\n \u003csummary\u003e\n 🟣CVE-853521-722872\n \u003c/summary\u003e\n\n### Vulnerable Library - **commons-pool-1.5.4.jar**\n\nCommons Object Pooling Library\n\n**Library home page:** [ http://www.apache.org/ ](http://www.apache.org/)\n\n**Path to dependency file:** /pom.xml\n\n**Path to vulnerable library:** /home/wss-scanner/.m2/repository/commons-pool/commons-pool/1.5.4/commons-pool-1.5.4.jar\n\n\n\n**Dependency Hierarchy:**\n\n\n- commons-dbcp-1.4.jar (Root Library)\n - ❌ **commons-pool-1.5.4.jar** (Vulnerable Library)\n\n\n\n\n***\n\n### Vulnerability Details\n\nCreated automatically by the test suite\n\n**Publish Date:** Jun 07, 2010 05:12 PM\n\n**URL:** [ CVE-853521-722872 ](https://www.mend.io/vulnerability-database/CVE-853521-722872)\n\n**Threat Assessment**\n\nExploit Maturity:N/A\n\nEPSS:N/A\n\n**Score:** 9.8\n\n\n***\n### Suggested Fix\n\n**Type:** Upgrade version\n\n**Origin:** \n\n**Release Date:** \n\n**Fix Resolution :** \n\n\n\u003c/details\u003e\n\n[comment]: \u003c\u003e (\u003cMEND_ISSUE_METADATA\u003e{\"identifier\":\"commons-dbcp-1.4.jar\",\"repoName\":\"BenchmarkJava\",\"branchName\":\"master\",\"type\":\"SCA_DEP\"}\u003c/MEND_ISSUE_METADATA\u003e)","author":{"url":"https://github.com/mend-developer-platform-dev[bot]","@type":"Person","name":"mend-developer-platform-dev[bot]"},"datePublished":"2025-09-28T05:43:44.000Z","interactionStatistic":{"@type":"InteractionCounter","interactionType":"https://schema.org/CommentAction","userInteractionCount":0},"url":"https://github.com/42/BenchmarkJava/issues/42"}
| route-pattern | /_view_fragments/issues/show/:user_id/:repository/:id/issue_layout(.:format) |
| route-controller | voltron_issues_fragments |
| route-action | issue_layout |
| fetch-nonce | v2:3c9dc9e3-8939-2e36-9472-5cff5469578c |
| current-catalog-service-hash | 81bb79d38c15960b92d99bca9288a9108c7a47b18f2423d0f6438c5b7bcd2114 |
| request-id | B34C:3AC7E6:209FD8F:2B4055A:6A51ECE6 |
| html-safe-nonce | 703fca05a829ef0cf81846768c9cc369f502d3498df6b7d52fd33aaa9064f272 |
| visitor-payload | eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJCMzRDOjNBQzdFNjoyMDlGRDhGOjJCNDA1NUE6NkE1MUVDRTYiLCJ2aXNpdG9yX2lkIjoiNTU3OTU4NzYxMzY3NTg3NTU1OSIsInJlZ2lvbl9lZGdlIjoiaWFkIiwicmVnaW9uX3JlbmRlciI6ImlhZCJ9 |
| visitor-hmac | 112848bbc99efe4e74bb3e4c77289b40d340e4f0b52a8140d15d15d26e9c8ea9 |
| hovercard-subject-tag | issue:3461119563 |
| github-keyboard-shortcuts | repository,issues,copilot |
| google-site-verification | Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I |
| octolytics-url | https://collector.github.com/github/collect |
| analytics-location | / |
| fb:app_id | 1401488693436528 |
| apple-itunes-app | app-id=1477376905, app-argument=https://github.com/_view_fragments/issues/show/amaybaum-dev/BenchmarkJava/42/issue_layout |
| twitter:image | https://opengraph.githubassets.com/653ef5c334aaf19f05f8a30b1b2b311a91207790426d90f6e698005bf3d39fc1/amaybaum-dev/BenchmarkJava/issues/42 |
| twitter:card | summary_large_image |
| og:image | https://opengraph.githubassets.com/653ef5c334aaf19f05f8a30b1b2b311a91207790426d90f6e698005bf3d39fc1/amaybaum-dev/BenchmarkJava/issues/42 |
| og:image:alt | 📂 Vulnerable Library - commons-dbcp-1.4.jar Commons Database Connection Pooling Path to dependency file: /pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-dbcp/commons-d... |
| og:image:width | 1200 |
| og:image:height | 600 |
| og:site_name | GitHub |
| og:type | object |
| og:author:username | mend-developer-platform-dev[bot] |
| hostname | github.com |
| expected-hostname | github.com |
| None | b9a586c06a05a7a86fc7e3f4dbd03e42f6869085879aa184aa6369456dbd50fb |
| turbo-cache-control | no-preview |
| go-import | github.com/amaybaum-dev/BenchmarkJava git https://github.com/amaybaum-dev/BenchmarkJava.git |
| octolytics-dimension-user_id | 29013484 |
| octolytics-dimension-user_login | amaybaum-dev |
| octolytics-dimension-repository_id | 619308890 |
| octolytics-dimension-repository_nwo | amaybaum-dev/BenchmarkJava |
| octolytics-dimension-repository_public | true |
| octolytics-dimension-repository_is_fork | true |
| octolytics-dimension-repository_parent_id | 33565372 |
| octolytics-dimension-repository_parent_nwo | OWASP-Benchmark/BenchmarkJava |
| octolytics-dimension-repository_network_root_id | 33565372 |
| octolytics-dimension-repository_network_root_nwo | OWASP-Benchmark/BenchmarkJava |
| turbo-body-classes | logged-out env-production page-responsive |
| disable-turbo | false |
| browser-stats-url | https://api.github.com/_private/browser/stats |
| browser-errors-url | https://api.github.com/_private/browser/errors |
| release | 7aed05249554b889eb33d002851a973eebcc7e91 |
| ui-target | full |
| theme-color | #1e2327 |
| color-scheme | light dark |
Links:
Viewport: width=device-width