CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
85.9%
software: batik 1.11
WASP: ROSA-CHROME
package_evr_string: batik-1.11-3.src.rpm
CVE-ID: CVE-2019-17566
BDU-ID: None
CVE-Crit: HIGH
CVE-DESC.: Apache Batik is vulnerable to server-side request forgery caused by improper input validation using โxlink:hrefโ attributes. Using a specially crafted argument, an attacker could exploit this vulnerability to force the underlying server to execute arbitrary GET requests.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update batik
CVE-ID: CVE-2022-41704
BDU-ID: 2022-06660
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the Apache Batik SVG image manipulation library is related to insufficient validation of incoming requests. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary Java code
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update batik
CVE-ID: CVE-2022-42890
BDU-ID: 2022-06659
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the Apache Batik SVG image manipulation library is related to insufficient validation of incoming requests. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary Java code
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update batik
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
85.9%