Uploaded image for project: 'Red Hat CodeReady Studio (devstudio)'
  1. Red Hat CodeReady Studio (devstudio)
  2. JBDS-3560

Arbitrary remote code execution with InvokerTransformer (COLLECTIONS-580)

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • 9.1.0.CR1, 10.0.0.Alpha1
    • 8.1.0.GA, 9.0.0.GA, 10.0.0.Alpha1
    • upstream
    • None

      This is a container issue to wrap & track https://issues.apache.org/jira/browse/COLLECTIONS-580

      Problem is that JBDS 9 (and probably 8 and 10 too) include org.apache.commons.collections 3.2.0.v2013030210310, which is affected by COLLECTIONS-580 - Arbitrary remote code execution with InvokerTransformer

              nickboldt Nick Boldt
              nickboldt Nick Boldt
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: