It was discovered that Apache Commons BeanUtils improperly handled certain
input. An attacker could possibly use this vulnerability to cause a crash or execute arbitrary code.

References

ubuntu.com/security/CVE-2014-0114

ubuntu.com/security/CVE-2019-10086

ubuntu.com/security/notices/USN-4766-1

ibm 103

oraclelinux 2

ubuntu 1

openvas 15

nessus 29

fedora 3

veracode 1

osv 5

prion 2

debiancve 1

redhat 10

securityvulns 2

ubuntucve 2

debian 3

github 2

cve 2

suse 2

cgr 1

amazon 1

symantec 1

mageia 2

packetstorm 1

checkpoint_advisories 1

jvn 1

centos 2

redhatcve 1

wolfi 1

f5 2

ibm

Security Bulletin: IBM B2B Advanced Communications is vulnerable to multiple issues due to Apache Commons BeanUtils (CVE-2014-0114, CVE-2019-10086)

2023-02-20 06:09:39

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Security Key Lifecycle Manager (SKLM) (CVE-2014-0114, CVE-2019-10086)

2020-09-26 18:11:53

Security Bulletin: Apache Commons BeanUtils Vulnerabilities Affect IBM Sterling B2B Integrator (CVE-2014-0114, CVE-2019-10086)

2021-10-05 20:46:28

oraclelinux

apache-commons-beanutils security update

2020-01-22 00:00:00

struts security update

2014-05-06 00:00:00

ubuntu

Apache Commons BeanUtils vulnerabilities

2021-03-15 00:00:00

openvas

Ubuntu: Security Advisory (USN-4766-1)

2023-01-27 00:00:00

Fedora Update for apache-commons-beanutils FEDORA-2019-79b5790566

2019-11-14 00:00:00

RedHat Update for struts RHSA-2014:0474-01

2014-05-12 00:00:00

nessus

Ubuntu 16.04 ESM / 18.04 ESM : Apache Commons BeanUtils vulnerabilities (USN-4766-1)

2023-10-16 00:00:00

Fedora 31 : apache-commons-beanutils (2019-bcad44b5d6)

2019-11-14 00:00:00

RHEL 6 : struts (RHSA-2014:0500)

2014-11-08 00:00:00

fedora

[SECURITY] Fedora 30 Update: apache-commons-beanutils-1.9.4-1.fc30

2019-11-13 09:58:19

[SECURITY] Fedora 31 Update: apache-commons-beanutils-1.9.4-1.fc31

2019-11-13 10:08:09

[SECURITY] Fedora 20 Update: struts-1.3.10-10.fc20

2014-08-23 02:00:36

veracode

Authorization Bypass

2019-08-16 00:43:09

osv

Insecure Deserialization in Apache Commons Beanutils

2020-06-15 20:36:17

commons-beanutils - security update

2019-08-24 00:00:00

Arbitrary code execution in Apache Commons BeanUtils

2020-06-10 23:38:01

prion

Default configuration

2019-08-20 21:15:00

Code injection

2014-04-30 10:49:00

debiancve

CVE-2019-10086

2019-08-20 21:15:00

redhat

(RHSA-2020:0057) Important: rh-java-common-apache-commons-beanutils security update

2020-01-08 11:00:17

(RHSA-2014:0500) Important: struts security update

2014-05-14 00:00:00

(RHSA-2020:0194) Important: apache-commons-beanutils security update

2020-01-21 18:21:47

securityvulns

Apache commons-beanutils code exeuction

2014-06-17 00:00:00

[oss-security] CVE request for commons-beanutils: 'class' property is exposed, potentially leading to RCE

2014-06-17 00:00:00

ubuntucve

CVE-2014-0114

2014-04-30 00:00:00

CVE-2019-10086

2019-08-20 00:00:00

debian

[SECURITY] [DSA 2940-1] libstruts1.2-java security update

2014-08-21 06:39:48

[SECURITY] [DLA 1896-1] commons-beanutils security update

2019-08-24 14:49:34

[SECURITY] [DLA 57-1] libstruts1.2-java security update

2014-09-17 12:59:07

github

Insecure Deserialization in Apache Commons Beanutils

2020-06-15 20:36:17

Arbitrary code execution in Apache Commons BeanUtils

2020-06-10 23:38:01

cve

CVE-2019-10086

2019-08-20 21:15:00

CVE-2014-0114

2014-04-30 10:49:00

suse

Security update for apache-commons-beanutils (important)

2019-09-03 00:00:00

Security update for struts (important)

2014-07-16 01:10:20

cgr

CVE-2019-10086 vulnerabilities

2024-04-29 15:59:53

amazon

Important: apache-commons-beanutils

2020-02-17 19:50:00

symantec

Apache Commons Beanutils CVE-2019-10086 Remote Security Vulnerability

2019-08-15 00:00:00

mageia

Updated apache-commons-beanutils packages fix security vulnerability

2019-12-19 16:44:26

Updated struts packages fix CVE-2014-0114

2014-05-15 02:13:20

packetstorm

OSCAR EMR 15.21beta361 XSS / Disclosure / CSRF / Insecure Direct Object Reference

2018-08-23 00:00:00

checkpoint_advisories

Apache Struts ActionForm ClassLoader Security Bypass (CVE-2014-0114)

2014-05-18 00:00:00

jvn

JVN#30962312: TERASOLUNA Server Framework for Java(Web) vulnerable to ClassLoader manipulation

2014-06-17 00:00:00

centos

struts security update

2014-05-07 14:04:43

apache security update

2020-01-28 21:30:14

redhatcve

CVE-2019-10086

2020-02-14 11:44:26

wolfi

CVE-2019-10086 vulnerabilities

2024-04-29 16:00:10

K15282 : Apache Struts vulnerability CVE-2014-0114

2014-10-20 00:00:00

SOL15282 - Apache Struts vulnerability CVE-2014-0114

2014-05-19 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
OpenSource

@2024 Vulners Inc

7.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

7.5 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.973 High

EPSS

Percentile

99.9%

JSON

Related for OSV:USN-4766-1