212 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: xmlrpc (UTSA-2026-016592)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016592 advisory. An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC aka ws-xmlrpc library. A malicious...
Astra Linux - уязвимость в batik
A vulnerability in Batik of Apache XML Graphics allows an attacker to execute untrusted Java code from an SVG. This issue affects Apache XML Graphics versions prior to 1.16. It is recommended to update to version 1.16...
Astra Linux - уязвимость в batik
Server-Side Request Forgery SSRF vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14...
Astra Linux - уязвимость в batik
A vulnerability in Batik of Apache XML Graphics allows an attacker to execute Java code from untrusted SVG via JavaScript. This issue affects Apache XML Graphics versions prior to 1.16. Users are recommended to upgrade to version 1.16...
EUVD-2011-2501
Malware in sbrugna...
Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Apache XML Security for Java.
Summary Multiple vulnerabilities in Apache XML Security for Java that is used by IBM InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2024-20945 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a local authenticated attacker...
Linux Distros Unpatched Vulnerability : CVE-2024-34580
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache XML Security for C++ through 2.0.4 implements the XML Signature Syntax and Processing XMLDsig specification without protection against an SSRF payload in...
Linux Distros Unpatched Vulnerability : CVE-2022-42890
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in Batik of Apache XML Graphics allows an attacker to run Java code from untrusted SVG via JavaScript. This issue affects Apache XML Graphics...
Linux Distros Unpatched Vulnerability : CVE-2022-41704
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in Batik of Apache XML Graphics allows an attacker to run untrusted Java code from an SVG. This issue affects Apache XML Graphics prior to 1.16...
CVE-2024-34580
Apache XML Security for C++ through 2.0.4 implements the XML Signature Syntax and Processing XMLDsig specification without protection against an SSRF payload in a KeyInfo element. NOTE: the project disputes this CVE Record on the grounds that any vulnerabilities are the result of a failure to...
Amazon Linux 2 : batik (ALAS-2025-2801)
The version of batik installed on the remote host is prior to 1.8-0.12.svn1230816. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2801 advisory. Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issu...
Medium: batik
Issue Overview: Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some...
Linux Distros Unpatched Vulnerability : CVE-2022-40146
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Server-Side Request Forgery SSRF vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML...
Linux Distros Unpatched Vulnerability : CVE-2022-38648
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Server-Side Request Forgery SSRF vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. This issue affects Apache XML...
Linux Distros Unpatched Vulnerability : CVE-2022-44730
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A...
Linux Distros Unpatched Vulnerability : CVE-2024-28168
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Restriction of XML External Entity Reference 'XXE' vulnerability in Apache XML Graphics FOP. This issue affects Apache XML Graphics FOP: 2.9. Users are...
Linux Distros Unpatched Vulnerability : CVE-2022-44729
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On...
Linux Distros Unpatched Vulnerability : CVE-2019-17570
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC aka ws-xmlrpc library. A maliciou...
Linux Distros Unpatched Vulnerability : CVE-2016-5002
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XML external entity XXE vulnerability in the Apache XML-RPC aka ws-xmlrpc library 3.1.3, as used in Apache Archiva, allows remote attackers to conduct server-si...
Medium: fop
Issue Overview: Improper Restriction of XML External Entity Reference 'XXE' vulnerability in Apache XML Graphics FOP. This issue affects Apache XML Graphics FOP: 2.9. Users are recommended to upgrade to version 2.10, which fixes the issue. CVE-2024-28168 Affected Packages: fop Note: This advisory...