126 matches found
Astra Linux - уязвимость в batik
A vulnerability in Batik of Apache XML Graphics allows an attacker to execute untrusted Java code from an SVG. This issue affects Apache XML Graphics versions prior to 1.16. It is recommended to update to version 1.16...
Astra Linux - уязвимость в batik
A vulnerability in Batik of Apache XML Graphics allows an attacker to execute Java code from untrusted SVG via JavaScript. This issue affects Apache XML Graphics versions prior to 1.16. Users are recommended to upgrade to version 1.16...
Astra Linux - уязвимость в batik
Server-Side Request Forgery SSRF vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14...
Linux Distros Unpatched Vulnerability : CVE-2022-42890
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in Batik of Apache XML Graphics allows an attacker to run Java code from untrusted SVG via JavaScript. This issue affects Apache XML Graphics...
Linux Distros Unpatched Vulnerability : CVE-2022-41704
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in Batik of Apache XML Graphics allows an attacker to run untrusted Java code from an SVG. This issue affects Apache XML Graphics prior to 1.16...
Amazon Linux 2 : batik (ALAS-2025-2801)
The version of batik installed on the remote host is prior to 1.8-0.12.svn1230816. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2801 advisory. Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issu...
Medium: batik
Issue Overview: Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some...
Linux Distros Unpatched Vulnerability : CVE-2022-40146
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Server-Side Request Forgery SSRF vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML...
Linux Distros Unpatched Vulnerability : CVE-2022-38648
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Server-Side Request Forgery SSRF vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. This issue affects Apache XML...
Linux Distros Unpatched Vulnerability : CVE-2022-44730
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A...
Linux Distros Unpatched Vulnerability : CVE-2022-44729
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On...
Linux Distros Unpatched Vulnerability : CVE-2024-28168
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Restriction of XML External Entity Reference 'XXE' vulnerability in Apache XML Graphics FOP. This issue affects Apache XML Graphics FOP: 2.9. Users are...
Medium: fop
Issue Overview: Improper Restriction of XML External Entity Reference 'XXE' vulnerability in Apache XML Graphics FOP. This issue affects Apache XML Graphics FOP: 2.9. Users are recommended to upgrade to version 2.10, which fixes the issue. CVE-2024-28168 Affected Packages: fop Note: This advisory...
CVE-2024-28168
A flaw was found in Apache XML Graphics FOP. This vulnerability allows remote attackers to cause issues via improper handling of XML External Entity XXE references. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product...
DEBIAN-CVE-2024-28168
Improper Restriction of XML External Entity Reference 'XXE' vulnerability in Apache XML Graphics FOP. This issue affects Apache XML Graphics FOP: 2.9. Users are recommended to upgrade to version 2.10, which fixes the issue...
CVE-2024-28168
Improper Restriction of XML External Entity Reference 'XXE' vulnerability in Apache XML Graphics FOP. This issue affects Apache XML Graphics FOP: 2.9. Users are recommended to upgrade to version 2.10, which fixes the issue...
CVE-2024-28168
Improper Restriction of XML External Entity Reference 'XXE' vulnerability in Apache XML Graphics FOP. This issue affects Apache XML Graphics FOP: 2.9. Users are recommended to upgrade to version 2.10, which fixes the issue...
CVE-2024-28168 Apache XML Graphics FOP: XML External Entity (XXE) Processing
Improper Restriction of XML External Entity Reference 'XXE' vulnerability in Apache XML Graphics FOP. This issue affects Apache XML Graphics FOP: 2.9. Users are recommended to upgrade to version 2.10, which fixes the issue...
CVE-2024-28168 Apache XML Graphics FOP: XML External Entity (XXE) Processing
Improper Restriction of XML External Entity Reference 'XXE' vulnerability in Apache XML Graphics FOP. This issue affects Apache XML Graphics FOP: 2.9. Users are recommended to upgrade to version 2.10, which fixes the issue...
CVE-2024-28168
CVE-2024-28168 concerns an XXE in Apache XML Graphics FOP affecting version 2.9. The root cause is an improper restriction of XML External Entity references, leading to potential exposure of sensitive data if exploited over the network. The CVSS base score is 7.5 (Network attacker, no user intera...