Pebble · Pebble Templates · CVE-2019-19899
**Name of the Vulnerable Software and Affected Versions**
Pebble Templates versions prior to 3.1.4
**Description**
The issue allows attackers to bypass a protection mechanism intended to block access to instances of `java.lang.Class` because `getClass` is accessible via the public static `java.lang.Class` `java.lang.Class.forName(java.lang.Module,java.lang.String)` signature. This enables potential exploitation by accessing sensitive classes.
**Recommendations**
For versions prior to 3.1.4, update to version 3.1.4 or later to resolve the issue.