Advisories » MGASA-2025-0299

Updated apache-commons-beanutils packages fix security vulnerability

Publication date: 15 Nov 2025
Modification date: 15 Nov 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-48734

Description

Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an 
enum's declaredClass property by default. (CVE-2025-48734)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=34330
• https://lists.opensuse.org/opensuse-updates/2019-09/msg00017.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48734

SRPMS

9/core

• apache-commons-beanutils-1.9.4-7.1.mga9