CVE-2015-7501

SOURCE - github

Summary

It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.

EPSS Score⁠: 0.01844 (0.884)

Common Weakness Enumeration (CWE)

SOURCE - nist

CWE-502⁠

Deserialization of Untrusted Data

SOURCE - github

CWE-502⁠

Deserialization of Untrusted Data

SOURCE - gitlab

CWE-1035⁠

OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

CWE-502⁠

Deserialization of Untrusted Data

CWE-78⁠

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CWE-937⁠

OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

SOURCE - redhat

CWE-284⁠

Improper Access Control

CWE-502⁠

Deserialization of Untrusted Data

Sources (12)

Impacted images

NIST

CREATED

7 years ago

UPDATED

5 months ago

SOURCE IDCVE-2015-7501⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-502⁠

CVSS SCORE

9.8critical

GitHub

CREATED

2 years ago

UPDATED

2 years ago

SOURCE IDGHSA-fjq5-5j5f-mvxh⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-502⁠

CVSS SCORE

9.8critical

Debian

CREATED

7 years ago

UPDATED

6 days ago

SOURCE IDCVE-2015-7501⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

7 years ago

UPDATED

3 months ago

SOURCE IDCVE-2015-7501⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

9.8low

GitLab

CREATED

7 years ago

UPDATED

8 months ago

SOURCE ID

CVE-2015-7501

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-1035⁠CWE-502⁠CWE-78⁠CWE-937⁠

CVSS SCORE

9.8critical

Amazon

CREATED

9 years ago

UPDATED

9 years ago

SOURCE IDALAS-2015-618⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Red Hat

CREATED

9 years ago

UPDATED

1 year ago

SOURCE IDCVE-2015-7501⁠

EXPLOITABILITY SCORE

10.0

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-284⁠CWE-502⁠

CVSS SCORE

7.5critical

Oracle

CREATED

9 years ago

UPDATED

9 years ago

SOURCE IDELSA-2015-2521⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

9 years ago

UPDATED

9 years ago

SOURCE IDELSA-2015-2522⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

9 years ago

UPDATED

9 years ago

SOURCE IDELSA-2015-2671⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

intheWild

CREATED

1 year ago

UPDATED

1 year ago

SOURCE IDCVE-2015-7501⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

vulncheck

CREATED

8 years ago

UPDATED

22 days ago

SOURCE ID

CVE-2015-7501

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE