-
Notifications
You must be signed in to change notification settings - Fork 17
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Checkmarx][OSA] Cx78f40514-81ff - Score 7.5 - commons-collections:commons-collections:3.2.2 #187
Comments
** Library Details ** ** Library Severity Details ** ** CVE Details ** ** Recommendations ** |
Library Details Library Severity Details CVE Details Recommendations |
9 similar comments
Library Details Library Severity Details CVE Details Recommendations |
Library Details Library Severity Details CVE Details Recommendations |
Library Details Library Severity Details CVE Details Recommendations |
Library Details Library Severity Details CVE Details Recommendations |
Library Details Library Severity Details CVE Details Recommendations |
Library Details Library Severity Details CVE Details Recommendations |
Library Details Library Severity Details CVE Details Recommendations |
Library Details Library Severity Details CVE Details Recommendations |
Library Details Library Severity Details CVE Details Recommendations |
Vulnerability does not exist anymore |
1 similar comment
Vulnerability does not exist anymore |
** Library Details **
Library ID: EFB7CF0F4CA0D72D971BD8C1DF5434171D7770E3
Library Name: commons-collections:commons-collections
Library Version: 3.2.2
Library Source File Name:
Library Confidence Level: 100
** Library Severity Details **
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0
** CVE Details **
CVE Name: Cx78f40514-81ff
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2018-10-31T10:39:00
CVE URL: https://issues.apache.org/jira/browse/COLLECTIONS-701
CVE Description: The framework Apache Commons Collections before 4.3 is vulnerable to
Stack Overflow. The function
add()
in the filesrc/main/java/org/apache/commons/collections4/list/SetUniqueList.java
throws a StackOverflowError when theadd()
method is called with its own list.** Recommendations **
Library Newest Version: null
Library Newest Version Release Date: null
Library Number of Versions Since Last Update: 0
Recommendations: Fix unavailable
The text was updated successfully, but these errors were encountered: