0.003 Low
EPSS
Percentile
71.3%
A flaw was found in the Apache Commons BeanUtils, where the class property in PropertyUtilsBean is not suppressed by default. This flaw allows an attacker to access the classloader.
There is no currently known mitigation for this flaw.
bugzilla.redhat.com/show_bug.cgi?id=1767483
commons.apache.org/proper/commons-beanutils/javadocs/v1.9.4/RELEASE-NOTES.txt
nvd.nist.gov/vuln/detail/CVE-2019-10086
www.cve.org/CVERecord?id=CVE-2019-10086