{"id":"ALSA-2025:9114","summary":"Important: apache-commons-beanutils security update","details":"The Apache Commons BeanUtils library provides utility methods for accessing and modifying properties of arbitrary JavaBeans.  \n\nSecurity Fix(es):  \n\n  * commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default (CVE-2025-48734)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n","modified":"2026-02-04T03:04:02.347783Z","published":"2025-06-16T00:00:00Z","related":["CVE-2025-48734"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:9114"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-48734"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2368956"},{"type":"ADVISORY","url":"https://errata.almalinux.org/9/ALSA-2025-9114.html"}],"affected":[{"package":{"name":"apache-commons-beanutils","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/apache-commons-beanutils"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.9.4-10.el9_6"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2025:9114.json"}}],"schema_version":"1.7.3"}