vulnerability

Amazon Linux AMI: ALAS-2016-692: Security patch for apache-commons-collections

Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
2016-04-27
Added
2016-04-28
Modified
2025-02-19

Description

As reported upstream (https://commons.apache.org/proper/commons-collections/security-reports.html), various classes in the functor collection are serialization and use reflection, which could result in arbitrary code execution if objects from untrusted sources are de-serialized.

Solution

amazon-linux-upgrade-apache-commons-collections
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.