Lucene search
K

151 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/11/15 3:49 p.m.39 views

Security Bulletin: IBM TRIRIGA Application Platform discloses server-side request forgery (CVE-2020-11988)

Summary CV-2020-11988 Apache XML Graphis Commons is vulerable to server-side request forgery. Vulnerability Details CVEID: CVE-2020-11988 DESCRIPTION: Apache XML Graphics Commons is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a...

8.2CVSS6.8AI score0.0665EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2023/11/03 12:46 a.m.42 views

SSRF org.apache.xmlgraphics in Confluence Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 7.13.0 and 7.19.0 of Confluence Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N allows an unauthenticate...

7.5CVSS7.3AI score0.02143EPSS
Exploits0
Atlassian
Atlassian
added 2023/11/03 12:46 a.m.42 views

SSRF org.apache.xmlgraphics:batik-bridge in Confluence Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 7.13.0 and 7.19.0 of Confluence Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N allows an unauthenticate...

7.5CVSS7.2AI score0.05791EPSS
Exploits1
Atlassian
Atlassian
added 2023/11/03 12:46 a.m.41 views

XSS org.apache.xmlgraphics:batik-script in Confluence Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 7.13.0 and 7.19.0 of Confluence Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N allows an unauthenticate...

7.5CVSS7.3AI score0.0232EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/04 10:43 a.m.34 views

Security Bulletin: IBM Jazz Reporting Service is vulnerable to CVE-2020-11988 Apache XML Graphics Commons

Summary XML Graphics Commons as used by IBM Jazz Reporting Service is vulnerable. IBM has addressed the relevant CVE. CVE-2020-11988 Vulnerability Details CVEID:CVE-2020-11988 DESCRIPTION: Apache XML Graphics Commons is vulnerable to server-side request forgery, caused by improper input validatio...

8.2CVSS7.9AI score0.0665EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/05 1:21 p.m.36 views

Security Bulletin: Vulnerability found in xmlgraphics-commons-1.5.jar which is shipped with IBM® Intelligent Operations Center(CVE-2020-11988)

Summary Vulnerability have been identified in xmlgraphics-commons-1.5.jar which is shipped with IBM® Intelligent Operations Center. Information about this vulnerability affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details...

8.2CVSS7.9AI score0.0665EPSS
Exploits0Affected Software1
GithubExploit
GithubExploit
added 2023/08/26 6:45 a.m.1853 views

Exploit for CVE-2023-21939

JDK CVE-2023-21939 文章链接https://mp.weixin.qq.com/s?biz=M...

5.3CVSS6.8AI score0.02474EPSS
Exploits1
Veracode
Veracode
added 2023/08/24 5:40 a.m.31 views

Server-Side Request Forgery (SSRF)

Apache XML Graphics Batik is vulnerable to Server-Side Request Forgery SSRF. An attacker is able to trick the application into loading a malicious SVG file, which could then be used to cause excess resource consumption or make unauthorized requests to other systems...

7.1CVSS6.9AI score0.00786EPSS
Exploits0References10Affected Software3
Github Security Blog
Github Security Blog
added 2023/08/22 9:30 p.m.42 views

Apache Batik information disclosure vulnerability

Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A malicious SVG can probe user profile / data and send it directly as parameter to a URL...

4.4CVSS5.6AI score0.00749EPSS
Exploits0References11Affected Software1
Github Security Blog
Github Security Blog
added 2023/08/22 9:30 p.m.49 views

Apache XML Graphics Batik Server-Side Request Forgery vulnerability

Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even...

7.1CVSS6.6AI score0.00786EPSS
Exploits0References11Affected Software3
NVD
NVD
added 2023/08/22 7:16 p.m.26 views

CVE-2022-44729

Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even...

7.1CVSS7AI score0.00786EPSS
Exploits0References6
OSV
OSV
added 2023/08/22 7:16 p.m.13 views

CVE-2022-44730

Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A malicious SVG can probe user profile / data and send it directly as parameter to a URL...

4.4CVSS5.8AI score
Exploits0References6
OSV
OSV
added 2023/08/22 7:16 p.m.12 views

CVE-2022-44729

Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even...

7.1CVSS7.1AI score
Exploits0References6
UbuntuCve
UbuntuCve
added 2023/08/22 7:16 p.m.68 views

CVE-2022-44730

Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A malicious SVG can probe user profile / data and send it directly as parameter to a URL...

4.4CVSS6.8AI score0.00749EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2023/08/22 7:16 p.m.53 views

CVE-2022-44729

Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even...

7.1CVSS6.8AI score0.00786EPSS
Exploits0References7
Prion
Prion
added 2023/08/22 7:16 p.m.26 views

Server side request forgery (ssrf)

Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A malicious SVG can probe user profile / data and send it directly as parameter to a URL...

3.3CVSS5AI score0.00749EPSS
Exploits0References6Affected Software2
Prion
Prion
added 2023/08/22 7:16 p.m.31 views

Server side request forgery (ssrf)

Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even...

3.3CVSS6.5AI score0.00786EPSS
Exploits0References6Affected Software2
Cvelist
Cvelist
added 2023/08/22 2:12 p.m.24 views

CVE-2022-44729 Apache XML Graphics Batik: Information disclosure vulnerability

Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even...

7.2AI score0.00786EPSS
Exploits0References6
CVE
CVE
added 2023/08/22 2:12 p.m.447 views

CVE-2022-44729

CVE-2022-44729 describes a Server-Side Request Forgery (SSRF) in Apache Batik (Apache XML Graphics Batik) affecting version 1.16, where a crafted SVG could trigger loading external resources by default. This behavior can lead to resource consumption and potential information disclosure. The conne...

7.1CVSS6.7AI score0.00786EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2023/08/22 2:12 p.m.40 views

CVE-2022-44729

Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even...

7.1CVSS6.5AI score0.00786EPSS
Exploits0
Rows per page
Query Builder