CVE-2019-10908 Blast Radius

CRITICAL • CVSS 9.8In Airsonic 10.2.1, RecoverController.java generates passwords via org.apache.commons.lang.RandomStringUtils, which uses java.util.Random internally.

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2019-10908.

Start Free Scan →← Back to CVE-2019-10908