Cx78f40514-81ff @ Maven-commons-collections:commons-collections-3.2.2

**Checkmarx \(SCA\):** Vulnerable Package
**Vulnerability:** [Read More ](https://devhub.checkmarx.com/cve-details/Cx78f40514-81ff) about Cx78f40514-81ff
**Checkmarx Project:** [jerp1979/java\-faker](https://eu.ast.checkmarx.net/projects/80665d4a-17df-4b6a-a5e9-b12ef3137b1d/overview?branch=master)
**Repository URL:** [https://github.com/jerp1979/java\-faker](https://github.com/jerp1979/java-faker)
**Branch:** master
**Scan ID:** [8f3fa71f\-fe46\-4bc8\-9378\-781a0403538e](https://eu.ast.checkmarx.net/projects/80665d4a-17df-4b6a-a5e9-b12ef3137b1d/scans?id=8f3fa71f-fe46-4bc8-9378-781a0403538e&branch=master)


----
The framework Apache Commons Collections before 4.3 is vulnerable to
Stack Overflow. The function `add()` in the file `src/main/java/org/apache/commons/collections4/list/SetUniqueList.java` throws a StackOverflowError when the `add()` method is called with its own list.
To resolve this issue - upgrade to version 4.3. Please note: the package name was changed to org.apache.commons:commons-collections4 on version 4.0.





----
**Additional Info**
**Attack vector:** NETWORK
**Attack complexity:** LOW
**Confidentiality impact:** NONE
**Availability impact:** HIGH


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Cx78f40514-81ff @ Maven-commons-collections:commons-collections-3.2.2 #5

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Cx78f40514-81ff @ Maven-commons-collections:commons-collections-3.2.2 #5

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions