Lucene search
K

19 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2017-5662

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG file...

7.9CVSS7.5AI score0.04118EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.30 views

RHEL 7 : batik (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - batik: XML external entity processing vulnerability CVE-2017-5662 - batik: information disclosure when...

9.8CVSS9.2AI score0.19523EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.36 views

RHEL 6 : batik (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - batik: XML external entity processing vulnerability CVE-2017-5662 - batik: information disclosure when...

8.2AI score0.19523EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.38 views

RHEL 7 : batik (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - batik: XML external entity processing vulnerability CVE-2017-5662 - batik: information disclosure when...

8.2AI score0.19523EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/05 8:40 a.m.39 views

Security Bulletin: Vulnerabilities found in batik-all-1.7.jar, batik-dom-1.7.jar which is shipped with IBM® Intelligent Operations Center(CVE-2018-8013, CVE-2017-5662, CVE-2015-0250)

Summary Multiple vulnerabilities have been identified in batik-all-1.7.jar, batik-dom-1.7.jar which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs...

9.8CVSS9.3AI score0.19523EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/13 10:54 a.m.34 views

Security Bulletin: The IBM® Engineering System Design Rhapsody products on IBM Jazz Technology contains additional security fixes for CVE-2015-0250, CVE-2018-8013, CVE-2017-5662 batik-dom-1.7.jar (Publicly disclosed vulnerability found by WhiteSource)

Summary The IBM® Engineering System Design Rhapsody 9.0.1 iFix005 contains fix for CVE-2015-0250, CVE-2018-8013, CVE-2017-5662 batik-dom-1.7.jar which is identified as a vulnerability during OSS scan. This version contains upgraded vresion of batik-dom to batik-dom-1.16.jar Vulnerability Details...

9.8CVSS8.6AI score0.19523EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/04 3:55 p.m.60 views

Security Bulletin: Multiple Vulnerabilities discovered in libraries used by TCRtoolkit in ITNM

Summary Multiple vulnerabilities CVE-2009-4521; CVE-2015-0250; CVE-2017-5662; CVE-2018-8013; CVE-2019-17566; CVE-2020-11987; CVE-2009-4269; CVE-2009-4521; CVE-2009-4521; CVE-2009-4521; CVE-2009-4521; CVE-2009-4521; CVE-2021-41033 found in TCRtoolkit component present in IBM Tivoli Network Manager...

9.8CVSS10AI score0.19523EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/08/30 4:36 p.m.55 views

Security Bulletin:IBM TRIRIGA Application Platform discloses CVE-20215-0250

Summary IBM TRIRIGA Application Platform discloses CVE-2015-0250 Vulnerability Details CVEID:CVE-2015-0250 DESCRIPTION: Apache Batik could allow a remote attacker to obtain sensitive information. By persuading a victim to open a specially-crafted SVG file, an attacker could exploit this...

9.8CVSS8.7AI score0.19523EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:45 p.m.33 views

Security Bulletin: Vulnerability in Apache Batik affects IBM Maximo Asset Management (CVE-2017-5662)

Summary Apache Batik used by IBM Maximo Asset Management could allow a remote authenticated attacker to obtain sensitive information, caused by an XML external entity XXE error when processing XML data. By using a specially-crafted SVG file, a remote attacker could exploit this vulnerability to...

7.9CVSS1.3AI score0.04118EPSS
Exploits0Affected Software11
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 1:9 p.m.34 views

Security Bulletin: Vulnerability in Apache Batik affects IBM Cúram Social Program Management (CVE-2017-5662)

Summary IBM Cúram Social Program Management uses the Apache Batik Library. Apache Batik could allow a remote authenticated attacker to obtain sensitive information, caused by an XML external entity XXE error when processing XML data. Vulnerability Details CVEID: CVE-2017-5662 DESCRIPTION: Apache...

7.9CVSS0.6AI score0.04118EPSS
Exploits0Affected Software1
Debian
Debian
added 2018/06/02 8:13 a.m.39 views

[SECURITY] [DSA 4215-1] batik security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4215-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 02, 2018 https://www.debian.org/security/faq -...

7.9CVSS2AI score0.19523EPSS
Exploits0
Debian
Debian
added 2018/06/02 8:13 a.m.34 views

[SECURITY] [DSA 4215-1] batik security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4215-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 02, 2018 https://www.debian.org/security/faq -...

9.8CVSS9.2AI score0.19523EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2018/02/14 7:29 p.m.83 views

Important: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R6 security and bug fix update

An update is now available for Red Hat JBoss Fuse and Red Hat JBoss A-MQ. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

9.8CVSS7.8AI score0.07194EPSS
Exploits3References11
RedHat Linux
RedHat Linux
added 2017/08/29 7:40 p.m.72 views

Important: Red Hat Security Advisory: Red Hat JBoss BPM Suite 6.4.5 security update

An update is now available for Red Hat JBoss BPM Suite. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...

9.8CVSS7.2AI score0.37925EPSS
Exploits7References6
Tenable Nessus
Tenable Nessus
added 2017/07/17 12:0 a.m.37 views

Fedora 26 : batik (2017-7a5f625013)

Update to upstream version 1.9. Fixes CVE-2017-5662. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issue...

7.9CVSS7.4AI score0.04118EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/05/10 12:0 a.m.47 views

Fedora 25 : batik (2017-43b46cd2da)

Security fix for CVE-2017-5662 ---- Add missing requires on xmlgraphics-commons Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

7.9CVSS7.4AI score0.04118EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/05/10 12:0 a.m.44 views

Fedora 24 : batik (2017-aff3dd3101)

Security fix for CVE-2017-5662 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...

7.9CVSS7.4AI score0.04118EPSS
Exploits0References2
Debian
Debian
added 2017/04/29 3:41 p.m.44 views

[SECURITY] [DLA 926-1] batik security update

Package : batik Version : 1.7+dfsg-3+deb7u2 CVE ID : CVE-2017-5662 Debian Bug : 860566 In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the...

7.9CVSS7.2AI score0.04118EPSS
Exploits0
CVE
CVE
added 2017/04/18 2:0 p.m.132 views

CVE-2017-5662

CVE-2017-5662 affects Apache Batik before 1.9, exposing files on the server when processing adversarial SVGs. Root context could lead to full server compromise; XXE can trigger DoS amplification. Connected docs confirm Batik-related exploits/SSRF risks and list affected platforms (e.g., Batik =1....

7.9CVSS7.1AI score0.04118EPSS
Exploits0References11Affected Software1
Rows per page
Query Builder