Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.apache.commons/commons-collections4@4.1
purl pkg:maven/org.apache.commons/commons-collections4@4.1
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-32uq-r1e7-3ub4 InvokerTransformer code execution during deserialization This package allows code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. CVE-2015-7501
GHSA-fjq5-5j5f-mvxh
VCID-6r87-jrv8-27ht Insecure Deserialization in Apache Commons Collection Serialized-object interfaces in Java applications using the Apache Commons Collections (ACC) library may allow remote attackers to execute arbitrary commands via a crafted serialized Java object. CVE-2015-6420
GHSA-6hgm-866r-3cjv

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T21:04:30.944142+00:00 GitLab Importer Fixing VCID-6r87-jrv8-27ht https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.commons/commons-collections4/CVE-2015-6420.yml 38.4.0
2026-04-16T20:40:06.548452+00:00 GitLab Importer Fixing VCID-32uq-r1e7-3ub4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.commons/commons-collections4/CVE-2015-7501.yml 38.4.0
2026-04-11T22:15:56.675940+00:00 GitLab Importer Fixing VCID-6r87-jrv8-27ht https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.commons/commons-collections4/CVE-2015-6420.yml 38.3.0
2026-04-11T21:50:51.674536+00:00 GitLab Importer Fixing VCID-32uq-r1e7-3ub4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.commons/commons-collections4/CVE-2015-7501.yml 38.3.0
2026-04-02T22:28:08.809100+00:00 GitLab Importer Fixing VCID-6r87-jrv8-27ht https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.commons/commons-collections4/CVE-2015-6420.yml 38.1.0
2026-04-02T22:04:40.708072+00:00 GitLab Importer Fixing VCID-32uq-r1e7-3ub4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.commons/commons-collections4/CVE-2015-7501.yml 38.1.0
2026-04-01T16:46:05.275053+00:00 GitLab Importer Fixing VCID-6r87-jrv8-27ht https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.commons/commons-collections4/CVE-2015-6420.yml 38.0.0
2026-04-01T16:01:29.296788+00:00 GHSA Importer Fixing VCID-32uq-r1e7-3ub4 https://github.com/advisories/GHSA-fjq5-5j5f-mvxh 38.0.0
2026-04-01T15:58:16.552757+00:00 GHSA Importer Fixing VCID-6r87-jrv8-27ht https://github.com/advisories/GHSA-6hgm-866r-3cjv 38.0.0
2026-04-01T13:08:29.441426+00:00 GithubOSV Importer Fixing VCID-32uq-r1e7-3ub4 https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-fjq5-5j5f-mvxh/GHSA-fjq5-5j5f-mvxh.json 38.0.0
2026-04-01T13:00:27.920065+00:00 GithubOSV Importer Fixing VCID-6r87-jrv8-27ht https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/06/GHSA-6hgm-866r-3cjv/GHSA-6hgm-866r-3cjv.json 38.0.0
2026-04-01T12:47:28.664139+00:00 GitLab Importer Fixing VCID-32uq-r1e7-3ub4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.commons/commons-collections4/CVE-2015-7501.yml 38.0.0