412 matches found
RHSA-2025:10814 Red Hat Security Advisory: apache-commons-beanutils security update
Bulletin has no description...
The vulnerability of the PropertyUtilsBean class in the Apache Commons Beanutils utility allows a hacker to execute arbitrary code.
The vulnerability of the PropertyUtilsBean utility in the Apache Commons Beanutils library is related to deficiencies in access control to the class loader. Exploiting this vulnerability could allow an attacker to execute arbitrary code remotely...
commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default
A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...
Important: Red Hat Security Advisory: apache-commons-beanutils security update
An update for apache-commons-beanutils is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating...
RHEL 7 : apache-commons-beanutils (RHSA-2025:10814)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10814 advisory. The Apache Commons BeanUtils library provides utility methods for accessing and modifying properties of arbitrary JavaBeans. Security Fixes:...
ROS-20250710-11
A vulnerability in the PropertyUtilsBean class of the Apache Commons Beanutils utility is related to flaws in unbundled access to the class loader. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code...
commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default
A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...
commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default
A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...
commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default
A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...
RHEL 9 : Red Hat JBoss Enterprise Application Platform 8.0.8 Security update (Important) (RHSA-2025:10453)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10453 advisory. Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release ...
Security Bulletin: IBM Integration Designer is vulnerable to improper access control (CVE-2025-48734)
Summary: Vulnerability in Apache Commons BeanUtils used by IBM Integration Designer. IBM Integration Designer has addressed CVE-2025-48734. Vulnerability Details: CVEID: CVE-2025-48734. DESCRIPTION: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in...
OESA-2025-1715 apache-commons-beanutils security update
The scope of this package is to create a package of Java utility methods for accessing and modifying the properties of arbitrary JavaBeans. No dependencies outside of the JDK are required, so the use of this package is very lightweight. Security Fixes: A vulnerability, which was classified as...
AlmaLinux 8 : javapackages-tools:201801 (ALSA-2025:9318)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:9318 advisory. apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086); commons-beanutils: Apache Commons BeanUtil...
AlmaLinux 9 : apache-commons-beanutils (ALSA-2025:9114)
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:9114 advisory. commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default (CVE-2025-48734). Tenable has extracted...
Security Bulletin: IBM Tivoli Business Service Manager is vulnerable to improper access control due to Apache Commons BeanUtils (CVE-2025-23184)
Summary: Apache Commons BeanUtils is shipped with IBM Tivoli Business Service Manager as part of its backend process to handle Java Beans. Information about a security vulnerability affecting Apache Commons BeanUtils has been published in a security bulletin. Vulnerability Details...
Fedora 41 : apache-commons-beanutils (2025-3eb7c0066f)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-3eb7c0066f advisory. Fix improper access control vulnerability. Resolves: CVE-2025-48734. Tenable has extracted the preceding description block directly from the Fedora security...
Fedora 42 : apache-commons-beanutils (2025-48e8e5f8ed)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-48e8e5f8ed advisory. Fix improper access control vulnerability. Resolves: CVE-2025-48734. Tenable has extracted the preceding description block directly from the Fedora security...
ROS-20250630-10
A vulnerability in the BeanIntrospector class of the Apache Commons Beanutils utility is related to the recovery of an inaccurate data structure in memory. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality,...
commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default
A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...
RHSA-2025:9696 Red Hat Security Advisory: apache-commons-beanutils security update
Bulletin has no description...