213 matches found
XML External Entity (XXE) Injection
Apache batik is susceptible to denial of service DoS or file disclosure through XML external entities XXE. The attacks are possible because it does not prevent dereferencing of XML external entities in the DTD and revealing the content of the target file in the output...
Xxe
XML external entity XXE vulnerability in the SVG to 1 PNG and 2 JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file...
CVE-2015-0250
XML external entity XXE vulnerability in the SVG to 1 PNG and 2 JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file...
DEBIAN-CVE-2015-0250
XML external entity XXE vulnerability in the SVG to 1 PNG and 2 JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file...
CVE-2015-0250
XML external entity XXE vulnerability in the SVG to 1 PNG and 2 JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file...
CVE-2015-0250
CVE-2015-0250 describes an XXE vulnerability in Apache Batik 1.x prior to 1.8, affecting the SVG to PNG/JPG conversion paths. The root cause is XML external entity processing within Batik’s SVG handling, enabling a remote attacker to read arbitrary files or cause a denial of service via a crafted...
CVE-2015-0250
XML external entity XXE vulnerability in the SVG to 1 PNG and 2 JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file...
Improper Restriction of XML External Entity Reference
XML external entity XXE vulnerability in the SVG to PNG and JPG conversion classes in Apache Batik allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file...
Apache Batik Information Disclosure Vulnerability
Apache Batik is a Java-based technology SVG Scalable Vector Graphics toolkit , you can view , generate and process SVG format images . Apache Batik has a security vulnerability that can be exploited by attackers to send malicious SVG files and obtain sensitive information...
CVE-2015-0250
XML external entity XXE vulnerability in the SVG to 1 PNG and 2 JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file...
PT-2015-4542 · Apache +2 · Apache Batik +2
Name of the Vulnerable Software and Affected Versions: Apache Batik versions 1.x before 1.8 Description: The issue is related to an XML external entity XXE vulnerability in the SVG to PNG and JPG conversion classes. This allows remote attackers to read arbitrary files or cause a denial of service...
UBUNTU-CVE-2015-0250
XML external entity XXE vulnerability in the SVG to 1 PNG and 2 JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file...
Apache Batik Squiggle SVG browser protection bypass
No description provided...