31 matches found
EUVD-2025-44730
Malicious code in vera-liwet98-sukiwir npm...
EUVD-2024-44730
Malicious code in bioql PyPI...
CVE-2024-44730
Incorrect access control in the function handleDataChannelChatdataMessage of Mirotalk before commit c21d58 allows attackers to forge chat messages using an arbitrary sender name...
Medium: batik
Issue Overview: Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some...
Linux Distros Unpatched Vulnerability : CVE-2022-44730
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A...
RHEL 7 : batik (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - batik: XML external entity processing vulnerability CVE-2017-5662 - batik: information disclosure when...
RHEL 6 : batik (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - batik: XML external entity processing vulnerability CVE-2017-5662 - batik: information disclosure when...
openSUSE Security Advisory (SUSE-SU-2024:0808-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15: xmlgraphics-batik / xmlgraphics-batik-css / xmlgraphics-batik-demo / etc (SUSE-SU-2024:0808-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0808-1 advisory. - CVE-2022-41704: Fixed information disclosure vulnerability in Apache Batik bsc1204704. -...
Security Bulletin: There is a vulnerability in batik-all-1.15.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-44730 and CVE-2022-44729)
Summary There is a vulnerability in batik-all-1.15.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2022-44730 DESCRIPTION: Apache Batik is vulnerable to server-side request forgery, caused by improper input validation. By persuading a...
GLSA-202401-11 : Apache Batik: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202401-11 Apache Batik: Multiple Vulnerabilities - In Apache Batik 1.x before 1.10, when deserializing subclass of AbstractDocument, the class takes a string from the inputStream as the class name which then use it to call the...
Debian dla-3619 : libbatik-java - security update
The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3619 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3619-1 [email protected]...
Security Bulletin: The IBM App Connect Enterprise Toolkit and the IBM Integration Bus Toolkit are vulnerable to a server-side request forgery due to Apache Batik (CVE-2022-44730, CVE-2022-44729)
Summary The IBM App Connect Enterprise Toolkit and the IBM Integration Bus Toolkit are vulnerable to a server-side request forgery due to Apache Batik CVE-2022-44730, CVE-2022-44729. Vulnerability Details CVEID:CVE-2022-44730 DESCRIPTION: Apache Batik is vulnerable to server-side request forgery,...
ai.tock:tock-shared (>=19.9.4 <=26.3.2), at.austriapro:ebinterface-rendering (>=1.0.0 <=1.0.1) +1503 more potentially affected by CVE-2022-44730 via org.apache.xmlgraphics:batik-script (>=1.10 <=1.16)
org.apache.xmlgraphics:batik-script MAVEN version =1.10, =19.9.4, =1.0.0, =1.0.7, =0.2.1, =0.5.0, =0.11.1, =0.0.2, =0.0.1, =0.0.1, =25.6.0, =25.12.0 and more Source cves: CVE-2022-44730 Source advisory: OSV:GHSA-2474-2566-3QXP...
CVE-2022-44730
Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A malicious SVG can probe user profile / data and send it directly as parameter to a URL...
CVE-2022-44730
Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A malicious SVG can probe user profile / data and send it directly as parameter to a URL...
CVE-2022-44730
Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A malicious SVG can probe user profile / data and send it directly as parameter to a URL...
CVE-2022-44730
CVE-2022-44730 is a Server-Side Request Forgery (SSRF) in Apache XML Graphics Batik (affected version: 1.16). A malicious SVG can probe user data and send it as a parameter to a URL; advisories (IBM bulletin, ALAS-2025-2801, Amazon Linux advisories) identify this alongside CVE-2022-44729 and reco...
Security fix for the ALT Linux 10 package snapd version 2.54.3-alt1
2.54.3-alt1 built April 26, 2022 Andrey Cherepanov in task 299035 --- Feb. 20, 2022 Alexey Shabalin - 2.54.3 Fixes: CVE-2021-44730, CVE-2021-44731, CVE-2021-4120...
USN-5292-4 snapd regression
USN-5292-1 fixed a vulnerability in snapd. Unfortunately that update introduced a regression that could break the fish shell. This update fixes the problem. We apologize for the inconvenience. Original advisory details: James Troup discovered that snap did not properly manage the permissions for...