[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-UBUNTU-CVE-2015-4852":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":16,"duplicates":19,"related":20,"reserved_at":9,"published_at":22,"modified_at":23,"state":9,"summary":24,"references_raw":26,"kevs":74,"epss":9,"epss_history":75,"metrics":76,"affected":82},"UBUNTU-CVE-2015-4852","The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product.",null,[],[],[],[14],{"_key":15},"CVE-2015-4852",[17],{"_key":18},"USN-6936-1",[],[21],{"_key":18},"2015-11-18T15:59:00Z","2026-05-28T13:00:10.008114456Z",{"cisa_kev":25,"cisa_ransomware":25,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[27,33,37,41,45,49,53,57,61,65,70],{"url":28,"sources":29,"tags":31},"https://ubuntu.com/security/CVE-2015-4852",[30],"osv_ubuntu",[32],"REPORT",{"url":34,"sources":35,"tags":36},"https://issues.apache.org/jira/browse/COLLECTIONS-580",[30],[32],{"url":38,"sources":39,"tags":40},"http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/",[30],[32],{"url":42,"sources":43,"tags":44},"http://www.openwall.com/lists/oss-security/2015/11/09/1",[30],[32],{"url":46,"sources":47,"tags":48},"http://www.infoq.com/news/2015/11/commons-exploit",[30],[32],{"url":50,"sources":51,"tags":52},"https://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread",[30],[32],{"url":54,"sources":55,"tags":56},"https://www.kb.cert.org/vuls/id/576313",[30],[32],{"url":58,"sources":59,"tags":60},"https://access.redhat.com/solutions/2045023",[30],[32],{"url":62,"sources":63,"tags":64},"https://www.cve.org/CVERecord?id=CVE-2015-4852",[30],[32],{"url":66,"sources":67,"tags":68},"https://ubuntu.com/security/notices/USN-6936-1",[30],[69],"Advisory",{"url":71,"sources":72,"tags":73},"https://www.cisa.gov/known-exploited-vulnerabilities-catalog",[30],[32],[],[],[77],{"source":30,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":78,"cvss_v4_0":9},{"baseScore":79,"baseSeverity":9,"vectorString":80,"impactScore":79,"exploitabilityScore":81},9.8,"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",10,[83,95],{"ecosystem":84,"name":85,"vendor":86,"product":85,"cpe_part":9,"purl_type":87,"purl_namespace":86,"purl_name":85,"source":9,"versions":88},"Ubuntu","libcommons-collections3-java","ubuntu","deb",[89],{"version":90,"is_range":91,"range_type":92,"version_start":9,"version_start_type":9,"version_end":93,"version_end_type":94,"fixed_in":9},"lt3_2_1_6ubuntu0_1~esm1",true,"ecosystem","3.2.1-6ubuntu0.1~esm1","excluding",{"ecosystem":84,"name":96,"vendor":86,"product":96,"cpe_part":9,"purl_type":87,"purl_namespace":86,"purl_name":96,"source":9,"versions":97},"openjdk-8",[98,100,101],{"version":99,"is_range":91,"range_type":92,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"all",{"version":99,"is_range":91,"range_type":92,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":99,"is_range":91,"range_type":92,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9}]