Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
ApacheCommons Beanutils

3 matches found

CVE
CVEadded 2019/08/20 8:10 p.m.939 views

CVE-2019-10086

CVE-2019-10086 affects Apache Commons BeanUtils 1.9.2, where a BeanIntrospector addition could suppress access to the classloader via the class property on Java objects. The issue stems from not applying the suppression by default in PropertyUtilsBean, enabling potential risk across affected depl...

7.5CVSS7.3AI score0.01215EPSS
CVE
CVEadded 2025/05/28 1:32 p.m.390 views

CVE-2025-48734

The CVE-2025-48734 entry describes an Improper Access Control in Apache Commons BeanUtils. A BeanIntrospector was added (default-off in older behavior) to suppress the enum-declaredClass property access that could reveal a ClassLoader when external property paths are passed to PropertyUtilsBean.g...

8.8CVSS9AI score0.00258EPSS
CVE
CVEadded 2014/04/30 10:0 a.m.385 views

CVE-2014-0114

The CVE-2014-0114 issue affects Apache Struts 1.x through 1.3.10 (and related products using commons-beanutils) where the ActionForm/ClassLoader handling could be manipulated via a class parameter passed to getClass, enabling remote code execution. The F5 advisory confirms the vulnerability impac...

7.5CVSS8.4AI score0.92332EPSS
Web