Lucene search
K

213 matches found

Veracode
Veracode
added 2017/04/13 2:0 a.m.26 views

XML External Entity (XXE) Injection

Apache batik is susceptible to denial of service DoS or file disclosure through XML external entities XXE. The attacks are possible because it does not prevent dereferencing of XML external entities in the DTD and revealing the content of the target file in the output...

6.4CVSS8.2AI score0.16564EPSS
Exploits1References22Affected Software2
Prion
Prion
added 2015/03/24 5:59 p.m.34 views

Xxe

XML external entity XXE vulnerability in the SVG to 1 PNG and 2 JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file...

6.4CVSS7AI score0.16564EPSS
Exploits1References11Affected Software3
NVD
NVD
added 2015/03/24 5:59 p.m.18 views

CVE-2015-0250

XML external entity XXE vulnerability in the SVG to 1 PNG and 2 JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file...

6.4CVSS8.2AI score0.16564EPSS
Exploits1References11
OSV
OSV
added 2015/03/24 5:59 p.m.1 views

DEBIAN-CVE-2015-0250

XML external entity XXE vulnerability in the SVG to 1 PNG and 2 JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file...

6.4CVSS8.9AI score0.16564EPSS
Exploits1References1
OSV
OSV
added 2015/03/24 5:59 p.m.5 views

CVE-2015-0250

XML external entity XXE vulnerability in the SVG to 1 PNG and 2 JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file...

6.4AI score
Exploits0References11
CVE
CVE
added 2015/03/24 5:0 p.m.119 views

CVE-2015-0250

CVE-2015-0250 describes an XXE vulnerability in Apache Batik 1.x prior to 1.8, affecting the SVG to PNG/JPG conversion paths. The root cause is XML external entity processing within Batik’s SVG handling, enabling a remote attacker to read arbitrary files or cause a denial of service via a crafted...

6.4CVSS8AI score0.16564EPSS
Exploits1References11Affected Software1
Debian CVE
Debian CVE
added 2015/03/24 5:0 p.m.33 views

CVE-2015-0250

XML external entity XXE vulnerability in the SVG to 1 PNG and 2 JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file...

6.4CVSS8.4AI score0.16564EPSS
Exploits1
GitLab Advisory Database
GitLab Advisory Database
added 2015/03/24 12:0 a.m.35 views

Improper Restriction of XML External Entity Reference

XML external entity XXE vulnerability in the SVG to PNG and JPG conversion classes in Apache Batik allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file...

6.4CVSS8.2AI score0.16564EPSS
Exploits1References3Affected Software1
CNVD
CNVD
added 2015/03/19 12:0 a.m.1 views

Apache Batik Information Disclosure Vulnerability

Apache Batik is a Java-based technology SVG Scalable Vector Graphics toolkit , you can view , generate and process SVG format images . Apache Batik has a security vulnerability that can be exploited by attackers to send malicious SVG files and obtain sensitive information...

6.4CVSS6.8AI score0.16564EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2015/03/18 12:0 a.m.36 views

CVE-2015-0250

XML external entity XXE vulnerability in the SVG to 1 PNG and 2 JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file...

6.4CVSS7AI score0.16564EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2015/03/18 12:0 a.m.2 views

PT-2015-4542 · Apache +2 · Apache Batik +2

Name of the Vulnerable Software and Affected Versions: Apache Batik versions 1.x before 1.8 Description: The issue is related to an XML external entity XXE vulnerability in the SVG to PNG and JPG conversion classes. This allows remote attackers to read arbitrary files or cause a denial of service...

6.4CVSS8.4AI score0.16564EPSS
Exploits1References32
OSV
OSV
added 2015/03/18 12:0 a.m.3 views

UBUNTU-CVE-2015-0250

XML external entity XXE vulnerability in the SVG to 1 PNG and 2 JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file...

6.4CVSS7.1AI score0.16564EPSS
Exploits1References4
securityvulns
securityvulns
added 2005/02/22 12:0 a.m.26 views

Apache Batik Squiggle SVG browser protection bypass

No description provided...

2.9AI score
Exploits0References1Affected Software1
Rows per page
Query Builder