326 matches found
commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default
A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...
commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default
A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...
RHEL 9 : Red Hat Product OCP Tools 4.18 OpenShift Jenkins (RHSA-2025:15810)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:15810 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron...
Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to improper access control due to the Apache Commons package (CVE-2025-48734)
Summary Apache Commons is used by DataStage on Cloud Pak for Data as part of Java utility functionality. Vulnerability Details CVEID:CVE-2025-48734 DESCRIPTION: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This can be used t...
Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in commons-beanutils-1.9.4.jar
Summary IBM Watson Discovery Cartridge contains a vulnerable version of commons-beanutils-1.9.4.jar Vulnerability Details CVEID:CVE-2025-48734 DESCRIPTION: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This can be used to sto...
Security Bulletin: SPSS Collaboration and Deployment Services is affected by vulnerability in Apache Commons ( CVE-2025-48734).
Summary SPSS Collaboration and Deployment Services is affected by vulnerability in Apache Commons CVE-2025-48734. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-48734 DESCRIPTION: Improper Access Control vulnerability in Apache Commons. A special...
commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default
A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...
commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default
A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...
RockyLinux 8 : javapackages-tools:201801 (RLSA-2025:9318)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:9318 advisory. apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default CVE-2019-10086 commons-beanutils: Apache Commons...
Oracle Linux 7 : apache-commons-beanutils (ELSA-2025-10814)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-10814 advisory. - Add SuppressPropertiesBeanIntrospector.SUPPRESSDECLARINGCLASS Orabug: 38176946CVE-2025-48734 - Fix CVE-2014-0114 - Fix CVE-2019-10086 - Resolves: CVE-2013-15...
Oracle Identity Manager (July 2025 CPU)
The 12.2.1.4.0 versions of Identity Manager installed on the remote host are affected by a vulnerability as referenced in the July 2025 CPU advisory. - Vulnerability in the Oracle Identity Manager product of Oracle Fusion Middleware component: Core Apache Commons BeanUtils. The supported version...
Oracle Application Testing Suite (July 2025 CPU)
The versions of Oracle Application Testing Suite installed on the remote host are affected by a vulnerability as referenced in the July 2025 CPU advisory. - Vulnerability in the Oracle Application Testing Suite product of Oracle Enterprise Manager component: Load Testing for Web Apps Apache Commo...
Oracle Primavera Unifier (July 2025 CPU)
The versions of Primavera Unifier installed on the remote host are affected by a vulnerability as referenced in the July 2025 CPU advisory. - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering component: Platform Apache Commons BeanUtils. Supported versions that...
commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default
A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...
commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default
A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...
commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default
A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...
commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default
A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like...
RHSA-2025:10814 Red Hat Security Advisory: apache-commons-beanutils security update
Bulletin has no description...
The vulnerability of the PropertyUtilsBean class in the Apache Commons Beanutils utility allows a hacker to execute arbitrary code.
The vulnerability of the PropertyUtilsBean utility in the Apache Commons Beanutils library is related to deficiencies in access control to the class loader. Exploiting this vulnerability could allow an attacker to execute arbitrary code remotely...
Important: Red Hat Security Advisory: apache-commons-beanutils security update
An update for apache-commons-beanutils is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...