Tag
commons-collections
Safeguard articles tagged "commons-collections" — guides, analysis, and best practices for software supply chain and application security.
2 articles
DevSecOps
Jenkins CLI Deserialization RCE via Commons-Collections G...
CVE-2015-8103: unauthenticated RCE in Jenkins CLI via a Commons-Collections deserialization gadget chain. Impact, timeline, and remediation.
Nov 26, 20259 min read
Vulnerability Analysis
CVE-2015-6420: Deserialization vulnerability via Apache C...
How a vulnerable Apache Commons Collections library let attackers achieve remote code execution via Java deserialization gadget chains, and what CVE-2015-6420 still teaches about supply chain risk.
Sep 30, 20258 min read