VulnerableCode Package Details - pkg:maven/commons-collections/commons-collections@2.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/commons-collections/commons-collections@2.0

purl	pkg:maven/commons-collections/commons-collections@2.0

Next non-vulnerable version	3.2.2
Latest non-vulnerable version	3.2.2
Risk	4.4

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-6r87-jrv8-27ht Aliases: CVE-2015-6420 GHSA-6hgm-866r-3cjv	Insecure Deserialization in Apache Commons Collection Serialized-object interfaces in Java applications using the Apache Commons Collections (ACC) library may allow remote attackers to execute arbitrary commands via a crafted serialized Java object.	3.2.2 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T21:04:30.622497+00:00	GitLab Importer	Affected by	VCID-6r87-jrv8-27ht	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/commons-collections/commons-collections/CVE-2015-6420.yml	38.4.0
2026-04-11T22:15:56.313113+00:00	GitLab Importer	Affected by	VCID-6r87-jrv8-27ht	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/commons-collections/commons-collections/CVE-2015-6420.yml	38.3.0
2026-04-02T22:28:08.474728+00:00	GitLab Importer	Affected by	VCID-6r87-jrv8-27ht	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/commons-collections/commons-collections/CVE-2015-6420.yml	38.1.0
2026-04-01T16:46:04.923345+00:00	GitLab Importer	Affected by	VCID-6r87-jrv8-27ht	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/commons-collections/commons-collections/CVE-2015-6420.yml	38.0.0