Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/commons-collections/commons-collections@2.0.20020914.015953
Typemaven
Namespacecommons-collections
Namecommons-collections
Version2.0.20020914.015953
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.2.2
Latest_non_vulnerable_version3.2.2
Affected_by_vulnerabilities
0
url VCID-wstq-zu4y-nfg3
vulnerability_id VCID-wstq-zu4y-nfg3
summary 
Deserialization of Untrusted Data
Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching - Enterprise and Service Provider; Unified Computing; Voice and Unified Communications Devices; Video, Streaming, TelePresence, and Transcoding Devices; Wireless; and Cisco Hosted Services products allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-6420
reference_id
reference_type
scores
0
value 0.212
scoring_system epss
scoring_elements 0.95784
published_at 2026-06-06T12:55:00Z
1
value 0.212
scoring_system epss
scoring_elements 0.95785
published_at 2026-06-08T12:55:00Z
2
value 0.212
scoring_system epss
scoring_elements 0.95775
published_at 2026-06-04T12:55:00Z
3
value 0.212
scoring_system epss
scoring_elements 0.95781
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-6420
1
reference_url https://arxiv.org/pdf/2306.05534
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://arxiv.org/pdf/2306.05534
2
reference_url https://github.com/apache/commons-collections
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/commons-collections
3
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917
4
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
5
reference_url https://lists.apache.org/thread.html/r352e40ca9874d1beb4ad95403792adca7eb295e6bc3bd7b65fabcc21@%3Ccommits.samza.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r352e40ca9874d1beb4ad95403792adca7eb295e6bc3bd7b65fabcc21@%3Ccommits.samza.apache.org%3E
6
reference_url https://www.kb.cert.org/vuls/id/581311
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.kb.cert.org/vuls/id/581311
7
reference_url https://www.tenable.com/security/research/tra-2017-14
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.tenable.com/security/research/tra-2017-14
8
reference_url https://www.tenable.com/security/research/tra-2017-23
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.tenable.com/security/research/tra-2017-23
9
reference_url http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-java-deserialization
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-java-deserialization
10
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
11
reference_url http://www.securityfocus.com/bid/78872
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/78872
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-6420
reference_id CVE-2015-6420
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-6420
13
reference_url https://github.com/advisories/GHSA-6hgm-866r-3cjv
reference_id GHSA-6hgm-866r-3cjv
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6hgm-866r-3cjv
fixed_packages
0
url pkg:maven/commons-collections/commons-collections@3.2.2
purl pkg:maven/commons-collections/commons-collections@3.2.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/commons-collections/commons-collections@3.2.2
aliases CVE-2015-6420, GHSA-6hgm-866r-3cjv
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wstq-zu4y-nfg3
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/commons-collections/commons-collections@2.0.20020914.015953