Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Checkmarx][OSA] Cx78f40514-81ff - Score 7.5 - commons-collections:commons-collections:3.2.2 #187

Closed
miguelfreitas93 opened this issue Jun 16, 2020 · 13 comments
Closed

[Checkmarx][OSA] Cx78f40514-81ff - Score 7.5 - commons-collections:commons-collections:3.2.2 #187

miguelfreitas93 opened this issue Jun 16, 2020 · 13 comments
Assignees
@miguelfreitas93
Labels
bug Something isn't working checkmarx High osa test Label for testing purposes To Verify

Comments

@miguelfreitas93
Copy link
Contributor

** Library Details **
Library ID: EFB7CF0F4CA0D72D971BD8C1DF5434171D7770E3
Library Name: commons-collections:commons-collections
Library Version: 3.2.2
Library Source File Name:
Library Confidence Level: 100

** Library Severity Details **
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0

** CVE Details **
CVE Name: Cx78f40514-81ff
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2018-10-31T10:39:00
CVE URL: https://issues.apache.org/jira/browse/COLLECTIONS-701
CVE Description: The framework Apache Commons Collections before 4.3 is vulnerable to
Stack Overflow. The function add() in the file src/main/java/org/apache/commons/collections4/list/SetUniqueList.java throws a StackOverflowError when the add() method is called with its own list.

** Recommendations **
Library Newest Version: null
Library Newest Version Release Date: null
Library Number of Versions Since Last Update: 0
Recommendations: Fix unavailable
@miguelfreitas93 miguelfreitas93 added bug Something isn't working checkmarx High osa test Label for testing purposes To Verify labels Jun 16, 2020
@miguelfreitas93 miguelfreitas93 self-assigned this Jun 16, 2020
@miguelfreitas93
Copy link
Contributor Author

** Library Details **
Library ID: EFB7CF0F4CA0D72D971BD8C1DF5434171D7770E3
Library Name: commons-collections:commons-collections
Library Version: 3.2.2
Library Source File Name:
Library Confidence Level: 100

** Library Severity Details **
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0

** CVE Details **
CVE Name: Cx78f40514-81ff
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2018-10-31T10:39:00
CVE URL: https://issues.apache.org/jira/browse/COLLECTIONS-701
CVE Description: The framework Apache Commons Collections before 4.3 is vulnerable to
Stack Overflow. The function add() in the file src/main/java/org/apache/commons/collections4/list/SetUniqueList.java throws a StackOverflowError when the add() method is called with its own list.

** Recommendations **
Library Newest Version: null
Library Newest Version Release Date: null
Library Number of Versions Since Last Update: 0
Recommendations: Fix unavailable

@miguelfreitas93
Copy link
Contributor Author

Library Details
Library ID: EFB7CF0F4CA0D72D971BD8C1DF5434171D7770E3
Library Name: commons-collections:commons-collections
Library Version: 3.2.2
Library Source File Name:
Library Confidence Level: 100

Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0

CVE Details
CVE Name: Cx78f40514-81ff
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2018-10-31T10:39:00
CVE URL: https://issues.apache.org/jira/browse/COLLECTIONS-701
CVE Description: The framework Apache Commons Collections before 4.3 is vulnerable to
Stack Overflow. The function add() in the file src/main/java/org/apache/commons/collections4/list/SetUniqueList.java throws a StackOverflowError when the add() method is called with its own list.

Recommendations
Library Newest Version: null
Library Newest Version Release Date: null
Library Number of Versions Since Last Update: 0
Recommendations: Fix unavailable

9 similar comments
@miguelfreitas93
Copy link
Contributor Author

Library Details
Library ID: EFB7CF0F4CA0D72D971BD8C1DF5434171D7770E3
Library Name: commons-collections:commons-collections
Library Version: 3.2.2
Library Source File Name:
Library Confidence Level: 100

Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0

CVE Details
CVE Name: Cx78f40514-81ff
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2018-10-31T10:39:00
CVE URL: https://issues.apache.org/jira/browse/COLLECTIONS-701
CVE Description: The framework Apache Commons Collections before 4.3 is vulnerable to
Stack Overflow. The function add() in the file src/main/java/org/apache/commons/collections4/list/SetUniqueList.java throws a StackOverflowError when the add() method is called with its own list.

Recommendations
Library Newest Version: null
Library Newest Version Release Date: null
Library Number of Versions Since Last Update: 0
Recommendations: Fix unavailable

@miguelfreitas93
Copy link
Contributor Author

Library Details
Library ID: EFB7CF0F4CA0D72D971BD8C1DF5434171D7770E3
Library Name: commons-collections:commons-collections
Library Version: 3.2.2
Library Source File Name:
Library Confidence Level: 100

Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0

CVE Details
CVE Name: Cx78f40514-81ff
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2018-10-31T10:39:00
CVE URL: https://issues.apache.org/jira/browse/COLLECTIONS-701
CVE Description: The framework Apache Commons Collections before 4.3 is vulnerable to
Stack Overflow. The function add() in the file src/main/java/org/apache/commons/collections4/list/SetUniqueList.java throws a StackOverflowError when the add() method is called with its own list.

Recommendations
Library Newest Version: null
Library Newest Version Release Date: null
Library Number of Versions Since Last Update: 0
Recommendations: Fix unavailable

@miguelfreitas93
Copy link
Contributor Author

Library Details
Library ID: EFB7CF0F4CA0D72D971BD8C1DF5434171D7770E3
Library Name: commons-collections:commons-collections
Library Version: 3.2.2
Library Source File Name:
Library Confidence Level: 100

Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0

CVE Details
CVE Name: Cx78f40514-81ff
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2018-10-31T10:39:00
CVE URL: https://issues.apache.org/jira/browse/COLLECTIONS-701
CVE Description: The framework Apache Commons Collections before 4.3 is vulnerable to
Stack Overflow. The function add() in the file src/main/java/org/apache/commons/collections4/list/SetUniqueList.java throws a StackOverflowError when the add() method is called with its own list.

Recommendations
Library Newest Version: null
Library Newest Version Release Date: null
Library Number of Versions Since Last Update: 0
Recommendations: Fix unavailable

@miguelfreitas93
Copy link
Contributor Author

Library Details
Library ID: EFB7CF0F4CA0D72D971BD8C1DF5434171D7770E3
Library Name: commons-collections:commons-collections
Library Version: 3.2.2
Library Source File Name:
Library Confidence Level: 100

Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0

CVE Details
CVE Name: Cx78f40514-81ff
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2018-10-31T10:39:00
CVE URL: https://issues.apache.org/jira/browse/COLLECTIONS-701
CVE Description: The framework Apache Commons Collections before 4.3 is vulnerable to
Stack Overflow. The function add() in the file src/main/java/org/apache/commons/collections4/list/SetUniqueList.java throws a StackOverflowError when the add() method is called with its own list.

Recommendations
Library Newest Version: null
Library Newest Version Release Date: null
Library Number of Versions Since Last Update: 0
Recommendations: Fix unavailable

@miguelfreitas93
Copy link
Contributor Author

Library Details
Library ID: EFB7CF0F4CA0D72D971BD8C1DF5434171D7770E3
Library Name: commons-collections:commons-collections
Library Version: 3.2.2
Library Source File Name:
Library Confidence Level: 100

Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0

CVE Details
CVE Name: Cx78f40514-81ff
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2018-10-31T10:39:00
CVE URL: https://issues.apache.org/jira/browse/COLLECTIONS-701
CVE Description: The framework Apache Commons Collections before 4.3 is vulnerable to
Stack Overflow. The function add() in the file src/main/java/org/apache/commons/collections4/list/SetUniqueList.java throws a StackOverflowError when the add() method is called with its own list.

Recommendations
Library Newest Version: null
Library Newest Version Release Date: null
Library Number of Versions Since Last Update: 0
Recommendations: Fix unavailable

@miguelfreitas93
Copy link
Contributor Author

Library Details
Library ID: EFB7CF0F4CA0D72D971BD8C1DF5434171D7770E3
Library Name: commons-collections:commons-collections
Library Version: 3.2.2
Library Source File Name:
Library Confidence Level: 100

Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0

CVE Details
CVE Name: Cx78f40514-81ff
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2018-10-31T10:39:00
CVE URL: https://issues.apache.org/jira/browse/COLLECTIONS-701
CVE Description: The framework Apache Commons Collections before 4.3 is vulnerable to
Stack Overflow. The function add() in the file src/main/java/org/apache/commons/collections4/list/SetUniqueList.java throws a StackOverflowError when the add() method is called with its own list.

Recommendations
Library Newest Version: null
Library Newest Version Release Date: null
Library Number of Versions Since Last Update: 0
Recommendations: Fix unavailable

@miguelfreitas93
Copy link
Contributor Author

Library Details
Library ID: EFB7CF0F4CA0D72D971BD8C1DF5434171D7770E3
Library Name: commons-collections:commons-collections
Library Version: 3.2.2
Library Source File Name:
Library Confidence Level: 100

Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0

CVE Details
CVE Name: Cx78f40514-81ff
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2018-10-31T10:39:00
CVE URL: https://issues.apache.org/jira/browse/COLLECTIONS-701
CVE Description: The framework Apache Commons Collections before 4.3 is vulnerable to
Stack Overflow. The function add() in the file src/main/java/org/apache/commons/collections4/list/SetUniqueList.java throws a StackOverflowError when the add() method is called with its own list.

Recommendations
Library Newest Version: null
Library Newest Version Release Date: null
Library Number of Versions Since Last Update: 0
Recommendations: Fix unavailable

@miguelfreitas93
Copy link
Contributor Author

Library Details
Library ID: EFB7CF0F4CA0D72D971BD8C1DF5434171D7770E3
Library Name: commons-collections:commons-collections
Library Version: 3.2.2
Library Source File Name:
Library Confidence Level: 100

Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0

CVE Details
CVE Name: Cx78f40514-81ff
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2018-10-31T10:39:00
CVE URL: https://issues.apache.org/jira/browse/COLLECTIONS-701
CVE Description: The framework Apache Commons Collections before 4.3 is vulnerable to
Stack Overflow. The function add() in the file src/main/java/org/apache/commons/collections4/list/SetUniqueList.java throws a StackOverflowError when the add() method is called with its own list.

Recommendations
Library Newest Version: null
Library Newest Version Release Date: null
Library Number of Versions Since Last Update: 0
Recommendations: Fix unavailable

@miguelfreitas93
Copy link
Contributor Author

Library Details
Library ID: EFB7CF0F4CA0D72D971BD8C1DF5434171D7770E3
Library Name: commons-collections:commons-collections
Library Version: 3.2.2
Library Source File Name:
Library Confidence Level: 100

Library Severity Details
Library High Vulnerabilities: 0
Library Medium Vulnerabilities: 0
Library Low Vulnerabilities: 0

CVE Details
CVE Name: Cx78f40514-81ff
CVE Score: 7.5
Severity: High
State: TO_VERIFY
CVE Publish Date: 2018-10-31T10:39:00
CVE URL: https://issues.apache.org/jira/browse/COLLECTIONS-701
CVE Description: The framework Apache Commons Collections before 4.3 is vulnerable to
Stack Overflow. The function add() in the file src/main/java/org/apache/commons/collections4/list/SetUniqueList.java throws a StackOverflowError when the add() method is called with its own list.

Recommendations
Library Newest Version: null
Library Newest Version Release Date: null
Library Number of Versions Since Last Update: 0
Recommendations: Fix unavailable

@miguelfreitas93
Copy link
Contributor Author

Vulnerability does not exist anymore

1 similar comment
@miguelfreitas93
Copy link
Contributor Author

Vulnerability does not exist anymore

@jrpedrianes jrpedrianes mentioned this issue Apr 19, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@miguelfreitas93 miguelfreitas93

Labels
bug Something isn't working checkmarx High osa test Label for testing purposes To Verify
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@miguelfreitas93