RHEL 9 : apache-commons-beanutils (RHSA-2025:9696)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:9696 advisory. The Apache Commons BeanUtils library provides utility methods for accessing and modifying properties of arbitrary JavaBeans. Security Fixes:...

SUSE SLES12 Security Update : apache-commons-beanutils (SUSE-SU-2025:02056-1)

"The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02056-1 advisory. Update to 1.11.0: Fixed Bugs: - BeanComparator.compareT, T now throws IllegalArgumentException instead of RuntimeException to wrap all cases ...

Debian: Security Advisory (DLA-4229-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...

Important: Red Hat Security Advisory: apache-commons-beanutils security update

An update for apache-commons-beanutils is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...

[SECURITY] [DLA 4229-1] commons-beanutils security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4229-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA June 25, 2025 https://wiki.debian.org/LTS -...

Amazon Linux 2 : apache-commons-beanutils (ALAS-2025-2899)

The version of apache-commons-beanutils installed on the remote host is prior to 1.8.3-15. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2899 advisory. Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version...

DLA-4229-1 commons-beanutils - security update

Bulletin has no description...

Debian dla-4229 : libcommons-beanutils-java - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4229 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4229-1 [email protected] https://www.debian.org/lts/security/...

Important: apache-commons-beanutils

Issue Overview: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This can be used to stop attackers from using the declared class property of Java enum objects to get access to the classloader. However this protection was not...

Important: apache-commons-beanutils

Issue Overview: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This can be used to stop attackers from using the declared class property of Java enum objects to get access to the classloader. However this protection was not...

commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...

apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default

A flaw was found in the Apache Commons BeanUtils, where the class property in PropertyUtilsBean is not suppressed by default. This flaw allows an attacker to access the classloader...

Important: javapackages-bootstrap

Issue Overview: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This can be used to stop attackers from using the declared class property of Java enum objects to get access to the classloader. However this protection was not...

Important: javapackages-bootstrap

Issue Overview: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This can be used to stop attackers from using the declared class property of Java enum objects to get access to the classloader. However this protection was not...

Fedora: Security Advisory (FEDORA-2025-48e8e5f8ed)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-3eb7c0066f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 41 Update: apache-commons-beanutils-1.9.4-39.fc41

The scope of this package is to create a package of Java utility methods for accessing and modifying the properties of arbitrary JavaBeans. No dependencies outside of the JDK are required, so the use of this package is very lightweight...

Security update for apache-commons-beanutils

This update for apache-commons-beanutils fixes the following issues: Update to 1.11.0: Fixed Bugs: BeanComparator.compareT, T now throws IllegalArgumentException instead of RuntimeException to wrap all cases of ReflectiveOperationException. MappedMethodReference.get now throws IllegalStateExcepti...