USN-6936-1

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2015-4852 UBUNTU-CVE-2015-4852

Published: 31 Jul 2024, 18:33

Last modified:04 Feb 2026, 02:42

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

31 Jul 2024, 18:33

Published

Vulnerability first disclosed

04 Feb 2026, 02:42

Last Modified

Vulnerability information updated

Description

libcommons-collections3-java vulnerability It was discovered that Apache Commons Collections allowed serialization support for unsafe classes by default. A remote attacker could possibly use this issue to execute arbitrary code.

Affected Systems

ubuntu•libcommons-collections3-java
< 3.2.1-6ubuntu0.1~esm1

References (2)

https://ubuntu.com/security/notices/USN-6936-1
https://ubuntu.com/security/CVE-2015-4852