René's URL Explorer Experiment

Title: Deserialization of Untrusted Data in commons-collections:commons-collections | CVE-2015-7501 | Snyk

Open Graph Title: Snyk Vulnerability Database | Snyk

X Title: Deserialization of Untrusted Data in commons-collections:commons-collections | CVE-2015-7501 | Snyk

Description: Critical severity (9.8) Deserialization of Untrusted Data in commons-collections:commons-collections | CVE-2015-7501

Open Graph Description: Critical severity (9.8) Deserialization of Untrusted Data in commons-collections:commons-collections | CVE-2015-7501

X Description: Critical severity (9.8) Deserialization of Untrusted Data in commons-collections:commons-collections | CVE-2015-7501

Mail addresses
contact@snyk.io
support@snyk.io

Opengraph URL: https://security.snyk.io/vuln/SNYK-JAVA-COMMONSCOLLECTIONS-30078

X: @snyksec

direct link

Domain: snyk.io

Hey, it has json ld scripts:

{"@context":"http://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"item":{"name":"Snyk Vulnerability Database","@id":"https://security.snyk.io/vuln"}},{"@type":"ListItem","position":2,"item":{"name":"Maven","@id":"https://security.snyk.io/vuln/maven"}},{"@type":"ListItem","position":3,"item":{"name":"commons-collections:commons-collections"}}]}

{"@context":"https://schema.org","@graph":[{"@type":"FAQPage","inLanguage":"en-US","mainEntity":[{"@type":"Question","name":"How to fix?","acceptedAnswer":{"@type":"Answer","text":"\u003Cp>Upgrade \u003Ccode>commons-collections:commons-collections\u003C/code> to version 3.2.2 or higher.\u003C/p>\n"}}]}]}

None	ie=edge
og:locale	en_US
og:type	website
og:site_name	Learn more about Maven with Snyk Open Source Vulnerability Database
og:image	https://res.cloudinary.com/snyk/image/upload/security-preview.png
og:image:width	1200
og:image:height	630
og:image:alt	Snyk Vulnerability Database
og:image:type	image/png
twitter:card	summary_large_image
twitter:creator	@snyksec

Links:

	https://snyk.io/
Snyk Vulnerability Database	https://snyk.io/vuln
Maven	https://snyk.io/vuln/maven
commons-collections:commons-collections	https://snyk.io/package/maven/commons-collections%3Acommons-collections
Learn more	https://snyk.io/vuln/SNYK-JAVA-COMMONSCOLLECTIONS-30078#cvss
documentation	https://www.first.org/epss/articles/prob_percentile_bins
Test your applications	https://app.snyk.io/login?cta=sign-up&loc=banner&page=vuln-vuln
Start learning	https://learn.snyk.io/lesson/insecure-deserialization/
Report a new vulnerability	https://snyk.io/vulnerability-disclosure/
Found a mistake?	https://support.snyk.io/s/contactsupport
CVE-2015-7501 (opens in a new tab)	https://www.cve.org/CVERecord?id=CVE-2015-7501
CWE-502 (opens in a new tab)	https://cwe.mitre.org/data/definitions/502.html
commons-collections:commons-collections	https://mvnrepository.com/artifact/commons-collections/commons-collections
CVE-2015-4852	https://security.snyk.io/vuln/SNYK-JAVA-COMMONSCOLLECTIONS-6056408
CWE-502	https://cwe.mitre.org/data/definitions/502.html
popular library (Apache Commons Collection)	https://snyk.io/vuln/SNYK-JAVA-COMMONSCOLLECTIONS-30078
FoxGloveSecurity Blog	http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/
GitHub Commit	https://github.com/apache/commons-collections/commit/e585cd0433ae4cfbc56e58572b9869bd0c86b611
Jira Issue	https://issues.apache.org/jira/browse/COLLECTIONS-580
PoC	https://github.com/ianxtianxt/CVE-2015-7501
Partners	https://snyk.io/partners
Developers & Devops Features	https://snyk.io/product/dev-security/
Enterprise Features	https://snyk.io/product/enterprise/
Pricing	https://snyk.io/plans/
Test with GitHub	https://snyk.io/test/
Test with CLI	https://docs.snyk.io/snyk-cli
API status	https://status.snyk.io/
Vulnerability DB	https://security.snyk.io/
Blog	https://snyk.io/blog/
Documentation	https://docs.snyk.io/
FAQs	https://support.snyk.io/
About	https://snyk.io/about
Jobs	https://snyk.io/careers/
Legal terms	https://snyk.io/policies/terms-of-service/
Privacy	https://snyk.io/policies/privacy/
Press kit	https://snyk.io/press-kit/
Events	https://snyk.io/events
Report a new vuln	https://snyk.io/vulnerability-disclosure
	https://x.com/snyksec
	https://www.youtube.com/@Snyksec
	https://www.facebook.com/snyksec
	https://www.linkedin.com/company/snyk
	https://github.com/Snyk/
	https://www.npmjs.com/package/snyk
	https://www.devseccon.com/the-secure-developer-podcast/

Viewport: width=device-width, initial-scale=1

Robots: index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1

URLs of crawlers that visited me.