CVE-2025-48734
- EPSS 0.06%
- Veröffentlicht 28.05.2025 13:32:08
- Zuletzt bearbeitet 09.06.2025 18:56:26
Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This can be used to stop attackers from using the declared class property of Java enum objects to get access to the classloader. ...
CVE-2019-10086
- EPSS 0.26%
- Veröffentlicht 20.08.2019 21:15:12
- Zuletzt bearbeitet 21.11.2024 04:18:22
In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by defa...
CVE-2014-0114
- EPSS 92.32%
- Veröffentlicht 30.04.2014 10:49:03
- Zuletzt bearbeitet 12.04.2025 10:46:40
Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "m...