Sign In

CVE-2019-10086

ADVISORY - github

Summary

In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.

EPSS Score: 0.00383 (0.589)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-502

Deserialization of Untrusted Data

ADVISORY - github

CWE-502

Deserialization of Untrusted Data

ADVISORY - gitlab

CWE-1035

OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

CWE-502

Deserialization of Untrusted Data

CWE-937

OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

ADVISORY - redhat

CWE-502

Deserialization of Untrusted Data

Impacted images

Advisories

NIST

CREATED

UPDATED

ADVISORY IDCVE-2019-10086
EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-502

CVSS SCORE

7.3high

GitHub

CREATED

UPDATED

ADVISORY IDGHSA-6phf-73q6-gh87
EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-502

CVSS SCORE

7.3high

Debian

CREATED

UPDATED

ADVISORY IDCVE-2019-10086
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

UPDATED

ADVISORY IDCVE-2019-10086
EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.3medium

GitLab

CREATED

UPDATED

ADVISORY ID

CVE-2019-10086

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-1035CWE-502CWE-937

CVSS SCORE

7.3high

Alma

CREATED

UPDATED

ADVISORY IDALSA-2025:9318
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

UPDATED

ADVISORY IDALAS2-2020-1395
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Red Hat

CREATED

UPDATED

ADVISORY IDCVE-2019-10086
EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-502

CVSS SCORE

7.3high

Oracle

CREATED

UPDATED

ADVISORY IDELSA-2020-0194
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

UPDATED

ADVISORY IDELSA-2025-9318
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Chainguard

CREATED

UPDATED

ADVISORY ID

CGA-3x75-f9j7-7hm9

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY