Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » Eclipse Scout » Scout and Apache Commons Collection Vulnerability
Scout and Apache Commons Collection Vulnerability [message #1715447] Mon, 23 November 2015 16:45
Matthias Zimmermann is currently offline Matthias ZimmermannFriend
Messages: 208
Registered: June 2015
Senior Member
The recently exposed Apache Commons Collection (ACC) vulnerability [1] also affects Scout applications under certain conditions.

Scout applications starting with version 5.1 (Scout Neon release) are not affected when standard settings are used.

Scout applications prior to version 5.1 (Scout Mars release and older) are potentially affected if an attacker is in possession of the login credentials of the Scout application and an affected ACC is available on the classpath. Potential scenarios include.

  1. Your container provides an affected ACC
  2. Your application includes an affected ACC

A readme on how to check for affected containers and applications and additional information regarding this vulnerability are provided on Github [2].

[1] https://issues.apache.org/jira/browse/COLLECTIONS-580
[2] https://github.com/BSI-Business-Systems-Integration-AG/COLLECTIONS-580-check

Report message to a moderator

Previous Topic:[Mars] Traversing through AbstractSmartCloumn
Next Topic:Custom Table Sorting
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Fri Apr 26 19:06:17 GMT 2024

Powered by FUDForum. Page generated in 0.03557 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top

Sign up to our Newsletter

A fresh new issue delivered monthly