18 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-11988
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a...
Medium: xmlgraphics-commons
Issue Overview: Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET...
Amazon Linux 2 : xmlgraphics-commons (ALAS-2024-2411)
The version of xmlgraphics-commons installed on the remote host is prior to 1.5-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2411 advisory. Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input...
Oracle Business Intelligence Enterprise Edition (October 2023 CPU)
The version of Oracle Business Intelligence Enterprise Edition 12.2.1.4 installed on the remote host is affected by multiple vulnerabilities as referenced in the October 2023 CPU advisory, including the following: - Vulnerability in the Oracle Business Intelligence Enterprise Edition product of...
Security Bulletin: IBM Jazz Reporting Service is vulnerable to CVE-2020-11988 Apache XML Graphics Commons
Summary XML Graphics Commons as used by IBM Jazz Reporting Service is vulnerable. IBM has addressed the relevant CVE. CVE-2020-11988 Vulnerability Details CVEID:CVE-2020-11988 DESCRIPTION: Apache XML Graphics Commons is vulnerable to server-side request forgery, caused by improper input validatio...
SUSE CVE-2020-11988
Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users...
SUSE SLES12 Security Update : xmlgraphics-commons (SUSE-SU-2022:3550-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:3550-1 advisory. - Update to version 2.6 - CVE-2020-11988: Fixed a server-side request forgery caused by improper input validation by the XMPParser. bsc28160...
SUSE-SU-2022:3550-1 Security update for xmlgraphics-commons
This update for xmlgraphics-commons fixes the following issues: - Update to version 2.6 - CVE-2020-11988: Fixed a server-side request forgery caused by improper input validation by the XMPParser. bsc281607...
OESA-2022-1649 xmlgraphics-commons security update
Apache XML Graphics Commons is a library that consists of several reusable components used by Apache Batik and Apache FOP. Many of these components can easily be used separately outside the domains of SVG and XSL-FO. You will find components such as a PDF library, an RTF library, Graphics2D...
ai.tock:tock-shared (>=19.9.4 <=26.3.2), ai.wavemaker.app.build:wavemaker-app-build-maven-plugin (>=1.0.0-20260516144515 <=1.0.0.ee-20260528111216) +2651 more potentially affected by CVE-2020-11988 via org.apache.xmlgraphics:xmlgraphics-commons (>=1.1 <=2.4)
org.apache.xmlgraphics:xmlgraphics-commons MAVEN version =1.1, =19.9.4, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =5.1.2, =1.0.7, =1.10.2, =1.13.0, =1.16.0...
Moderate: Red Hat Security Advisory: Red Hat Decision Manager 7.11.0 security update
An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...
Moderate: Red Hat Security Advisory: Red Hat Process Automation Manager 7.11.0 security update
An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
Fedora 33 : xmlgraphics-commons (2021-c07a9e79cf)
The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-c07a9e79cf advisory. - Apache XmlGraphics Commons 2.4 is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a...
Fedora: Security Advisory for xmlgraphics-commons (FEDORA-2021-c07a9e79cf)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Updated xmlgraphics-commons packages fix a security vulnerability
The Apache XML Graphics Commons library is vulnerable to SSRF via the XMPParser that allow an attacker to cause the underlying server to make arbitrary GET requests CVE-2020-11988...
CVE-2020-11988
creationtimestamp| type| source ---|---|--- 2021-02-24 20:36:57+00:00| seen| https://t.me/cibsecurity/24087...
CVE-2020-11988
Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users...
CVE-2020-11988
Apache XmlGraphics Commons 2.4 and earlier are vulnerable to server-side request forgery (SSRF) via the XMPParser due to improper input validation. An attacker could trigger the server to make arbitrary GET requests. Remediation is to upgrade to 2.6 or later. Connected documents (IBM, Astra Linux...