Download
| Alert*
ELSA-2015-2521 -- Oracle jakarta-commons-collections
It was found that the jakarta commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.
|