CVE-2015-7501

ADVISORY - github

Summary

It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.

EPSS Score⁠: 0.01844 (0.886)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-502⁠

Deserialization of Untrusted Data

ADVISORY - github

CWE-502⁠

Deserialization of Untrusted Data

ADVISORY - gitlab

CWE-1035⁠

OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

CWE-502⁠

Deserialization of Untrusted Data

CWE-78⁠

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CWE-937⁠

OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

ADVISORY - redhat

CWE-284⁠

Improper Access Control

CWE-502⁠

Deserialization of Untrusted Data

Impacted images

Advisories

NIST

CREATED

7 years ago

UPDATED

8 months ago

ADVISORY IDCVE-2015-7501⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-502⁠

CVSS SCORE

9.8critical

GitHub

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDGHSA-fjq5-5j5f-mvxh⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-502⁠

CVSS SCORE

9.8critical

Debian

CREATED

7 years ago

UPDATED

3 months ago

ADVISORY IDCVE-2015-7501⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

7 years ago

UPDATED

3 months ago

ADVISORY IDCVE-2015-7501⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

9.8low

GitLab

CREATED

7 years ago

UPDATED

11 months ago

ADVISORY ID

CVE-2015-7501

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-1035⁠CWE-502⁠CWE-78⁠CWE-937⁠

CVSS SCORE

9.8critical

Amazon

CREATED

9 years ago

UPDATED

9 years ago

ADVISORY IDALAS-2015-618⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Red Hat

CREATED

9 years ago

UPDATED

1 year ago

ADVISORY IDCVE-2015-7501⁠

EXPLOITABILITY SCORE

10.0

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-284⁠CWE-502⁠

CVSS SCORE

7.5critical

Oracle

CREATED

9 years ago

UPDATED

9 years ago

ADVISORY IDELSA-2015-2521⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

9 years ago

UPDATED

9 years ago

ADVISORY IDELSA-2015-2522⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

9 years ago

UPDATED

9 years ago

ADVISORY IDELSA-2015-2671⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

intheWild

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDCVE-2015-7501⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

vulncheck

CREATED

9 years ago

UPDATED

4 months ago

ADVISORY ID

CVE-2015-7501

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY