advisory-database icon indicating copy to clipboard operation
advisory-database copied to clipboard
verified publisher icon github

[GHSA-6phf-73q6-gh87] Insecure Deserialization in Apache Commons Beanutils

Open SunBK201 opened this issue 1 year ago • 1 comments

Updates

  • Affected products

Comments According to Patch, this vulnerability was introduced from 1.9.0.

SunBK201 avatar Jun 05 '24 14:06 SunBK201

@SunBK201 I have a question about this PR. I noticed that CVE-2019-10086 and CVE-2014-0114 appear to be related. According to https://github.com/advisories/GHSA-p66x-2cv9-qq3v, commons-beanutils:commons-beanutils became vulnerable in version 1.8.0. Did you mean to add 1.8.0 as the initial vulnerable version?

shelbyc avatar Jun 05 '24 16:06 shelbyc