Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/libcommons-collections3-java@3.2.1-7%2Bdeb8u1
purl pkg:deb/debian/libcommons-collections3-java@3.2.1-7%2Bdeb8u1
Next non-vulnerable version 3.2.2-1
Latest non-vulnerable version 3.2.2-1
Risk 4.5
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-32uq-r1e7-3ub4
Aliases:
CVE-2015-7501
GHSA-fjq5-5j5f-mvxh
InvokerTransformer code execution during deserialization This package allows code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.
3.2.2-1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-xzvn-b7db-jfah security update DSA-3403-1 libcommons-collections3-java

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-15T23:50:41.060840+00:00 Debian Oval Importer Affected by VCID-32uq-r1e7-3ub4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T14:03:35.208399+00:00 Debian Oval Importer Fixing VCID-xzvn-b7db-jfah https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 38.4.0
2026-04-11T23:25:06.159010+00:00 Debian Oval Importer Affected by VCID-32uq-r1e7-3ub4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T13:52:12.883213+00:00 Debian Oval Importer Fixing VCID-xzvn-b7db-jfah https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 38.3.0
2026-04-08T22:58:13.093539+00:00 Debian Oval Importer Affected by VCID-32uq-r1e7-3ub4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-07T22:27:18.497188+00:00 Debian Oval Importer Fixing VCID-xzvn-b7db-jfah https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 38.1.0