Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/commons-collections/commons-collections@3.2.1
purl pkg:maven/commons-collections/commons-collections@3.2.1
Next non-vulnerable version 3.2.2
Latest non-vulnerable version 3.2.2
Risk 4.5
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-32uq-r1e7-3ub4
Aliases:
CVE-2015-7501
GHSA-fjq5-5j5f-mvxh
InvokerTransformer code execution during deserialization This package allows code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.
3.2.2
Affected by 0 other vulnerabilities.
VCID-6r87-jrv8-27ht
Aliases:
CVE-2015-6420
GHSA-6hgm-866r-3cjv
Insecure Deserialization in Apache Commons Collection Serialized-object interfaces in Java applications using the Apache Commons Collections (ACC) library may allow remote attackers to execute arbitrary commands via a crafted serialized Java object.
3.2.2
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T21:04:30.655751+00:00 GitLab Importer Affected by VCID-6r87-jrv8-27ht https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/commons-collections/commons-collections/CVE-2015-6420.yml 38.4.0
2026-04-16T20:40:06.443653+00:00 GitLab Importer Affected by VCID-32uq-r1e7-3ub4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/commons-collections/commons-collections/CVE-2015-7501.yml 38.4.0
2026-04-11T22:15:56.353727+00:00 GitLab Importer Affected by VCID-6r87-jrv8-27ht https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/commons-collections/commons-collections/CVE-2015-6420.yml 38.3.0
2026-04-11T21:50:51.555571+00:00 GitLab Importer Affected by VCID-32uq-r1e7-3ub4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/commons-collections/commons-collections/CVE-2015-7501.yml 38.3.0
2026-04-02T22:28:08.507750+00:00 GitLab Importer Affected by VCID-6r87-jrv8-27ht https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/commons-collections/commons-collections/CVE-2015-6420.yml 38.1.0
2026-04-02T22:04:40.595279+00:00 GitLab Importer Affected by VCID-32uq-r1e7-3ub4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/commons-collections/commons-collections/CVE-2015-7501.yml 38.1.0
2026-04-01T16:46:04.965515+00:00 GitLab Importer Affected by VCID-6r87-jrv8-27ht https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/commons-collections/commons-collections/CVE-2015-6420.yml 38.0.0
2026-04-01T12:47:28.645157+00:00 GitLab Importer Affected by VCID-32uq-r1e7-3ub4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/commons-collections/commons-collections/CVE-2015-7501.yml 38.0.0