Details
-
Bug
-
Status: Resolved
-
Critical
-
Resolution: Fixed
-
ManifoldCF 2.12
-
None
Description
We should upgrade commons-collections to 3.2.2 due to a known security issue with 3.2.1
https://commons.apache.org/proper/commons-collections/security-reports.html
Further reading:
http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-andyour-application-have-in-common-this-vulnerability/
https://www.cvedetails.com/cve/CVE-2015-6420/