Oracle Application Testing Suite (July 2025 CPU)

The versions of Oracle Application Testing Suite installed on the remote host are affected by a vulnerability as referenced in the July 2025 CPU advisory. - Vulnerability in the Oracle Application Testing Suite product of Oracle Enterprise Manager component: Load Testing for Web Apps Apache Commo...

Oracle Primavera Unifier (July 2025 CPU)

The versions of Primavera Unifier installed on the remote host are affected by a vulnerability as referenced in the July 2025 CPU advisory. - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering component: Platform Apache Commons BeanUtils. Supported versions that...

commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...

commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...

commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...

commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...

RHSA-2025:10814 Red Hat Security Advisory: apache-commons-beanutils security update

Bulletin has no description...

The vulnerability of the PropertyUtilsBean class in the Apache Commons Beanutils utility allows a hacker to execute arbitrary code.

The vulnerability of the PropertyUtilsBean utility in the Apache Commons Beanutils library is related to deficiencies in access control to the class loader. Exploiting this vulnerability could allow an attacker to execute arbitrary code remotely...

Important: Red Hat Security Advisory: apache-commons-beanutils security update

An update for apache-commons-beanutils is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...

RHEL 7 : apache-commons-beanutils (RHSA-2025:10814)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10814 advisory. The Apache Commons BeanUtils library provides utility methods for accessing and modifying properties of arbitrary JavaBeans. Security Fixes:...

ROS-20250710-11

Vulnerability of PropertyUtilsBean class of Apache Commons Beanutils utility is related to flaws in unbundled access to the class loader. Exploitation of the vulnerability could allow an attacker, acting remotely, execute arbitrary code...

commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...

commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...

commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...

RHEL 9 : Red Hat JBoss Enterprise Application Platform 8.0.8 Security update (Important) (RHSA-2025:10453)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10453 advisory. Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release ...

Security Bulletin: IBM Integration Designer is vulnerable to improper access control (CVE-2025-48734)

Summary Vulnerability in Apache Commons BeanUtils used by IBM Integration Designer. IBM Integration Designer has addressed CVE-2025-48734. Vulnerability Details CVEID:CVE-2025-48734 DESCRIPTION: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in...

AlmaLinux 9 : apache-commons-beanutils (ALSA-2025:9114)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:9114 advisory. commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default CVE-2025-48734 Tenable has extracted...

AlmaLinux 8 : javapackages-tools:201801 (ALSA-2025:9318)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:9318 advisory. apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default CVE-2019-10086 commons-beanutils: Apache Commons BeanUtil...

Security Bulletin: IBM Tivoli Business Service Manager is vulnerable to improper access control due to Apache Commons BeanUtils (CVE-2025-23184)

Summary Apache Commons BeanUtils is shipped with IBM Tivoli Business Service Manager as part of its backend process to handle Java Beans. Information about a security vulnerability affecting Apache Commons BeanUtils has been published in a security bulletin. Vulnerability Details...