vulnerability
Gentoo Linux: CVE-2019-10086: Commons-BeanUtils: Improper Access Restriction
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Aug 20, 2019 | May 10, 2024 | Nov 27, 2024 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Aug 20, 2019
Added
May 10, 2024
Modified
Nov 27, 2024
Description
In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.
Solution
gentoo-linux-upgrade-dev-java-commons-beanutils

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.