Threat Post

Critical Java Bug Extends to Oracle, IBM Middleware

Researchers have built proof-of-concept exploits for an unpatched unserialize vulnerability in Apache Commons Collections, a library used in most Java rollouts. For close to 10 months, a critical ...
Ars Technica

Using an external library in Java (Apache Commons and Eclipse)

I'm trying to use one of the Apache Commons libraries (Math 3.3) in Java with Eclipse. (JDK 1.7 and Eclipse 3/JDT 3.7) And I can't get away from NoClassDefFoundError ...
ZDNet

Java unserialize remote code execution hole hits Commons Collections, JBoss, WebSphere, WebLogic

Researchers from Foxglove Security have reportedly discovered a remote code execution hole in the widely used Apache Commons library, thanks to the insecure method in which Java unserializes objects, ...
InfoQ

Remotely Exploitable Java Zero Day Exploits through Deserialization

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Dany Lepage discusses the architectural ...
Bleeping Computer

Apache Commons Text RCE flaw — Keep calm and patch away

A remote code execution flaw in the open-source Apache Commons Text library has some people worried that it could turn into the next Log4Shell. However, most cybersecurity researchers say it is ...