Lucene search
K

18 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2020-11988

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a...

8.2CVSS6.9AI score0.0665EPSS
Exploits0References3
Amazon
Amazon
added 2024/01/09 12:0 a.m.3 views

Medium: xmlgraphics-commons

Issue Overview: Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET...

8.2CVSS7AI score0.0665EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/01/09 12:0 a.m.35 views

Amazon Linux 2 : xmlgraphics-commons (ALAS-2024-2411)

The version of xmlgraphics-commons installed on the remote host is prior to 1.5-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2411 advisory. Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input...

8.2CVSS7.3AI score0.0665EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.56 views

Oracle Business Intelligence Enterprise Edition (October 2023 CPU)

The version of Oracle Business Intelligence Enterprise Edition 12.2.1.4 installed on the remote host is affected by multiple vulnerabilities as referenced in the October 2023 CPU advisory, including the following: - Vulnerability in the Oracle Business Intelligence Enterprise Edition product of...

8.2CVSS6.6AI score0.28839EPSS
Exploits1References5
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/04 10:43 a.m.34 views

Security Bulletin: IBM Jazz Reporting Service is vulnerable to CVE-2020-11988 Apache XML Graphics Commons

Summary XML Graphics Commons as used by IBM Jazz Reporting Service is vulnerable. IBM has addressed the relevant CVE. CVE-2020-11988 Vulnerability Details CVEID:CVE-2020-11988 DESCRIPTION: Apache XML Graphics Commons is vulnerable to server-side request forgery, caused by improper input validatio...

8.2CVSS7.9AI score0.0665EPSS
Exploits0Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 3:59 a.m.4 views

SUSE CVE-2020-11988

Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users...

8.2CVSS8.2AI score0.0665EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2022/10/08 12:0 a.m.36 views

SUSE SLES12 Security Update : xmlgraphics-commons (SUSE-SU-2022:3550-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:3550-1 advisory. - Update to version 2.6 - CVE-2020-11988: Fixed a server-side request forgery caused by improper input validation by the XMPParser. bsc28160...

8.2CVSS6.8AI score0.0665EPSS
Exploits0References4
OSV
OSV
added 2022/10/07 1:7 p.m.8 views

SUSE-SU-2022:3550-1 Security update for xmlgraphics-commons

This update for xmlgraphics-commons fixes the following issues: - Update to version 2.6 - CVE-2020-11988: Fixed a server-side request forgery caused by improper input validation by the XMPParser. bsc281607...

8.2CVSS8.4AI score0.0665EPSS
Exploits0References3
OSV
OSV
added 2022/05/11 11:3 a.m.4 views

OESA-2022-1649 xmlgraphics-commons security update

Apache XML Graphics Commons is a library that consists of several reusable components used by Apache Batik and Apache FOP. Many of these components can easily be used separately outside the domains of SVG and XSL-FO. You will find components such as a PDF library, an RTF library, Graphics2D...

8.2CVSS9.1AI score0.0665EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2022/02/09 12:45 a.m.5 views

ai.tock:tock-shared (>=19.9.4 <=26.3.2), ai.wavemaker.app.build:wavemaker-app-build-maven-plugin (>=1.0.0-20260516144515 <=1.0.0.ee-20260528111216) +2651 more potentially affected by CVE-2020-11988 via org.apache.xmlgraphics:xmlgraphics-commons (>=1.1 <=2.4)

org.apache.xmlgraphics:xmlgraphics-commons MAVEN version =1.1, =19.9.4, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =5.1.2, =1.0.7, =1.10.2, =1.13.0, =1.16.0...

8.2CVSS6.7AI score0.0665EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2021/06/17 1:15 p.m.102 views

Moderate: Red Hat Security Advisory: Red Hat Decision Manager 7.11.0 security update

An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...

9.9CVSS7.2AI score0.82392EPSS
Exploits17References16
RedHat Linux
RedHat Linux
added 2021/06/17 1:14 p.m.125 views

Moderate: Red Hat Security Advisory: Red Hat Process Automation Manager 7.11.0 security update

An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

9.9CVSS7.2AI score0.82392EPSS
Exploits17References16
Tenable Nessus
Tenable Nessus
added 2021/04/19 12:0 a.m.36 views

Fedora 33 : xmlgraphics-commons (2021-c07a9e79cf)

The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-c07a9e79cf advisory. - Apache XmlGraphics Commons 2.4 is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a...

8.2CVSS7.4AI score0.0665EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/02 12:0 a.m.23 views

Fedora: Security Advisory for xmlgraphics-commons (FEDORA-2021-c07a9e79cf)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.2CVSS8.2AI score0.0665EPSS
Exploits0References2
Mageia
Mageia
added 2021/03/18 9:56 a.m.36 views

Updated xmlgraphics-commons packages fix a security vulnerability

The Apache XML Graphics Commons library is vulnerable to SSRF via the XMPParser that allow an attacker to cause the underlying server to make arbitrary GET requests CVE-2020-11988...

8.2CVSS5.4AI score0.0665EPSS
Exploits0References3
Circl
Circl
added 2021/02/24 8:36 p.m.7 views

CVE-2020-11988

creationtimestamp| type| source ---|---|--- 2021-02-24 20:36:57+00:00| seen| https://t.me/cibsecurity/24087...

8.2CVSS7AI score0.0665EPSS
Exploits0References1
OSV
OSV
added 2021/02/24 6:15 p.m.9 views

CVE-2020-11988

Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users...

8.2CVSS8.1AI score
Exploits0References8
CVE
CVE
added 2021/02/24 5:5 p.m.325 views

CVE-2020-11988

Apache XmlGraphics Commons 2.4 and earlier are vulnerable to server-side request forgery (SSRF) via the XMPParser due to improper input validation. An attacker could trigger the server to make arbitrary GET requests. Remediation is to upgrade to 2.6 or later. Connected documents (IBM, Astra Linux...

8.2CVSS7.8AI score0.0665EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder