19 matches found
Oracle Business Intelligence Enterprise Edition (April 2024 CPU)
The version of Oracle Business Intelligence Enterprise Edition 12.2.1.4 installed on the remote host is affected by multiple vulnerabilities as referenced in the April 2024 CPU advisory, including the following: - Vulnerability in the Oracle Business Intelligence Enterprise Edition product of...
openSUSE Security Advisory (SUSE-SU-2024:0808-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2024-0068)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15: xmlgraphics-batik / xmlgraphics-batik-css / xmlgraphics-batik-demo / etc (SUSE-SU-2024:0808-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0808-1 advisory. - CVE-2022-41704: Fixed information disclosure vulnerability in Apache Batik bsc1204704. -...
GLSA-202401-11 : Apache Batik: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202401-11 Apache Batik: Multiple Vulnerabilities - In Apache Batik 1.x before 1.10, when deserializing subclass of AbstractDocument, the class takes a string from the inputStream as the class name which then use it to call the...
Ubuntu: Security Advisory (USN-6117-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : Apache Batik vulnerabilities (USN-6117-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6117-1 advisory. It was discovered that Apache Batik incorrectly handled certain inputs. An attacker could possibly use this to perfor...
Oracle Business Process Management Suite (Apr 2023 CPU)
The version of Oracle Business Process Management Suite installed on the remote host is affected by multiple vulnerabilities, as referenced in the April 2023 CPU advisory. Specifically: - Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD = 2.9.1 uses Java...
Jira is affected by CVE-2022-42890 &
This affects the Batik library from v1.0 - v1.15 Jira 9.0.0 uses Batik v1.14. More information on vulnerability at: Information Exposure CVE-2022-41704|https://asecurityteam.atlassian.net/browse/VULN-1041609 Remote Code Execution RCE...
Amazon Linux 2 : batik (ALAS-2023-1966)
The version of batik installed on the remote host is prior to 1.8-0.12.svn1230816. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1966 advisory. Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the...
SUSE CVE-2022-42890
A vulnerability in Batik of Apache XML Graphics allows an attacker to run Java code from untrusted SVG via JavaScript. This issue affects Apache XML Graphics prior to 1.16. Users are recommended to upgrade to version 1.16...
OESA-2023-1057 batik security update
Batik is an inline templating engine for CoffeeScript, inspired by CoffeeKup, that lets you write your template directly as a CoffeeScript function. Security Fixes: A vulnerability in Batik of Apache XML Graphics allows an attacker to run untrusted Java code from an SVG. This issue affects Apache...
Debian dla-3169 : libbatik-java - security update
The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3169 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3169-1 [email protected]...
Debian DSA-5264-1 : batik - security update
The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-5264 advisory. - A vulnerability in Batik of Apache XML Graphics allows an attacker to run untrusted Java code from an SVG. This issue affects Apache XML Graphics prior to 1.16...
[SECURITY] [DSA 5264-1] batik security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5264-1 [email protected] https://www.debian.org/security/ Markus Koschany October 29, 2022 https://www.debian.org/security/faq -...
[SECURITY] [DLA 3169-1] batik security update
Debian LTS Advisory DLA-3169-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany October 29, 2022 https://wiki.debian.org/LTS Package : batik Version : 1.10-2+deb10u2 CVE ID : CVE-2022-41704 CVE-2022-42890 It was discovered that Apache Batik, a SVG library for Java,...
CVE-2022-42890
creationtimestamp| type| source ---|---|--- 2022-10-25 20:41:02+00:00| seen| https://t.me/cibsecurity/52060 2025-02-16 23:27:30+00:00| seen| https://bsky.app/profile/brasilnewsia.bsky.social/post/3lidf27l2tn2i...
CVE-2022-42890
A vulnerability in Batik of Apache XML Graphics allows an attacker to run Java code from untrusted SVG via JavaScript. This issue affects Apache XML Graphics prior to 1.16. Users are recommended to upgrade to version 1.16...
CVE-2022-42890
CVE-2022-42890 is a vulnerability in Apache Batik (XML Graphics Project) that allows an attacker to run arbitrary Java code from untrusted SVG via JavaScript. The issue affects Apache Batik prior to version 1.16; multiple advisories note upgrading to 1.16 or newer as the remediation (e.g., Debian...