3 matches found
SSRF (Server-Side Request Forgery) org.apache.xmlgraphics:batik-bridge Dependency in Jira Software Data Center and Server
This High severity org.apache.xmlgraphics:batik-bridge Dependency vulnerability was introduced in versions 8.20.0, 8.22.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, and 9.6.0 of Jira Software Data Center and Server. This org.apache.xmlgraphics:batik-bridge Dependency vulnerability, with a CVSS...
CVE-2022-40146 Jar url should be blocked by DefaultScriptSecurity
Server-Side Request Forgery SSRF vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14...
CVE-2022-40146
CVE-2022-40146 is a Server-Side Request Forgery in Apache XML Graphics Batik (version 1.14) that allows an attacker to access files via a Jar URL. Multiple connected advisories confirm the vulnerability and urge upgrading Batik to patched versions; Debian and Gentoo advisories show Batik updates ...