Lucene search
K

20 matches found

OpenVAS
OpenVAS
added 2025/07/21 12:0 a.m.5 views

Debian: Security Advisory (DLA-4243-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS7AI score0.13635EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/07/21 12:0 a.m.6 views

Debian dla-4243 : libbatik-java - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4243 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4243-1 [email protected]...

8.2CVSS6.8AI score0.13635EPSS
Exploits1References10
Debian
Debian
added 2025/07/20 8:43 p.m.9 views

[SECURITY] [DLA 4243-1] batik security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4243-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk July 20, 2025 https://wiki.debian.org/LTS -...

8.2CVSS7.6AI score0.13635EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.36 views

RHEL 6 : batik (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - batik: XML external entity processing vulnerability CVE-2017-5662 - batik: information disclosure when...

8.2AI score0.19523EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.38 views

RHEL 7 : batik (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - batik: XML external entity processing vulnerability CVE-2017-5662 - batik: information disclosure when...

8.2AI score0.19523EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/01/09 12:0 a.m.53 views

GLSA-202401-11 : Apache Batik: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202401-11 Apache Batik: Multiple Vulnerabilities - In Apache Batik 1.x before 1.10, when deserializing subclass of AbstractDocument, the class takes a string from the inputStream as the class name which then use it to call the...

9.8CVSS7.2AI score0.19523EPSS
Exploits1References14
Tenable Nessus
Tenable Nessus
added 2023/10/14 12:0 a.m.32 views

Debian dla-3619 : libbatik-java - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3619 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3619-1 [email protected]...

8.2CVSS6.8AI score0.13635EPSS
Exploits1References14
OpenVAS
OpenVAS
added 2023/05/31 12:0 a.m.37 views

Ubuntu: Security Advisory (USN-6117-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS7.1AI score0.13635EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/05/30 12:0 a.m.41 views

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : Apache Batik vulnerabilities (USN-6117-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6117-1 advisory. It was discovered that Apache Batik incorrectly handled certain inputs. An attacker could possibly use this to perfor...

8.2CVSS6.9AI score0.13635EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2023/03/07 12:0 a.m.61 views

Amazon Linux 2 : batik (ALAS-2023-1966)

The version of batik installed on the remote host is prior to 1.8-0.12.svn1230816. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1966 advisory. Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the...

8.2CVSS7AI score0.13635EPSS
Exploits1References14
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/04 3:55 p.m.60 views

Security Bulletin: Multiple Vulnerabilities discovered in libraries used by TCRtoolkit in ITNM

Summary Multiple vulnerabilities CVE-2009-4521; CVE-2015-0250; CVE-2017-5662; CVE-2018-8013; CVE-2019-17566; CVE-2020-11987; CVE-2009-4269; CVE-2009-4521; CVE-2009-4521; CVE-2009-4521; CVE-2009-4521; CVE-2009-4521; CVE-2021-41033 found in TCRtoolkit component present in IBM Tivoli Network Manager...

9.8CVSS10AI score0.19523EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/08/30 4:22 p.m.45 views

Security Bulletin:IBM TRIRIGA Application Platform discloses CVE-2020-11987

Summary IBM TRIRIGA Application Platform discloses CVE-2020-11987 Vulnerability Details CVEID:CVE-2020-11987 DESCRIPTION: Apache XML Graphics Batik is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an...

8.2CVSS7.8AI score0.13635EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.34 views

Mageia: Security Advisory (MGASA-2021-0168)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS8.1AI score0.13635EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2021/04/17 12:0 a.m.27 views

Fedora: Security Advisory for batik (FEDORA-2021-33a1b73e48)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.2CVSS8.3AI score0.13635EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/04/16 12:0 a.m.29 views

Fedora 33 : batik (2021-33a1b73e48)

The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-33a1b73e48 advisory. - Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a...

8.2CVSS6.9AI score0.13635EPSS
Exploits0References2
OSV
OSV
added 2021/04/02 8:25 p.m.11 views

MGASA-2021-0168 Updated batik packages fix security vulnerabilities

A flaw was found in the Apache Batik library, where it is vulnerable to a Server-Side Request Forgery attack SSRF via "xlink:href" attributes. This flaw allows an attacker to cause the underlying server to make arbitrary GET requests. The highest threat from this vulnerability is to system...

8.2CVSS7.7AI score0.13635EPSS
Exploits0References5
Mageia
Mageia
added 2021/03/17 6:16 a.m.61 views

Updated batik packages fix a security vulnerability

The Apache Batik library is vulnerable to SSRF via the NodePickerPanel that allow an attacker to cause the underlying server to make arbitrary GET requests CVE-2020-11987...

8.2CVSS4AI score0.13635EPSS
Exploits0References3
OSV
OSV
added 2021/03/17 6:16 a.m.6 views

MGASA-2021-0139 Updated batik packages fix a security vulnerability

The Apache Batik library is vulnerable to SSRF via the NodePickerPanel that allow an attacker to cause the underlying server to make arbitrary GET requests CVE-2020-11987...

8.2CVSS8.1AI score0.13635EPSS
Exploits0References4
OSV
OSV
added 2021/02/24 6:15 p.m.26 views

CVE-2020-11987

Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests...

8.2CVSS6.6AI score
Exploits0References13
CVE
CVE
added 2021/02/24 12:0 a.m.296 views

CVE-2020-11987

CVE-2020-11987 – SSRF in Apache Batik 1.13 . The initial description confirms a server-side request forgery via improper input validation in NodePickerPanel, enabling an attacker to make arbitrary GET requests from the server. Connected documents corroborate concrete remediation actions across ve...

8.2CVSS7.8AI score0.13635EPSS
Exploits0References13Affected Software1
Rows per page
Query Builder