Uploaded image for project: 'Commons BeanUtils'
  1. Commons BeanUtils
  2. BEANUTILS-489

You should upgrade dependendy on commons-collections to avoid CVE-2015-4852

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Critical
    • Resolution: Duplicate
    • 1.9.2
    • 1.9.3
    • Locale BeanUtils / Converters
    • None

    • any

    Description

      You have fix CVE-2014-0114 in benutils 1.9.2 but you still have a dependency on commons-collections 3.2.1 which is well known for CVE-2015-4852
      https://issues.apache.org/jira/browse/COLLECTIONS-583

      You must upgrade dependency to 3.2.2

      Attachments

        Issue Links

          duplicates

          Bug - A problem which impairs or prevents the functions of the product. BEANUTILS-482 Update commons-collections from 3.2.1 to 3.2.2

          • Major - Major loss of function.
          • Closed

          Activity

            People

              Unassigned Unassigned
              jandry jandry
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - 1m
                  1m
                  Remaining:
                  Remaining Estimate - 1m
                  1m
                  Logged:
                  Time Spent - Not Specified
                  Not Specified