Threat Post

Critical Java Bug Extends to Oracle, IBM Middleware

Researchers have built proof-of-concept exploits for an unpatched unserialize vulnerability in Apache Commons Collections, a library used in most Java rollouts. For close to 10 months, a critical ...
ZDNet

Java unserialize remote code execution hole hits Commons Collections, JBoss, WebSphere ...

Researchers from Foxglove Security have reportedly discovered a remote code execution hole in the widely used Apache Commons library, thanks to the insecure method in which Java unserializes objects, ...
Bleeping Computer

Apache Commons Text RCE flaw — Keep calm and patch away

A remote code execution flaw in the open-source Apache Commons Text library has some people worried that it could turn into the next Log4Shell. However, most cybersecurity researchers say it is ...