The Apache Commons Collections package contains types that extend and augment the Java Collections Framework.
Language
JAVA
Vulnerability
Arbitrary Code Execution
Vulnerability description
Apache Commons Collections (ACC) library is vulnerable to Arbitrary Code Execution. The vulnerability is possible because it directly uses ACC, or contains ACC, in the classpath, which allows an attacker to gain read access to unnecessary information in debug messages by sending modified requests.
Veracode Software Composition Analysis
Links: