Unity Linux 20.1070e Security Update: xmlgraphics-commons (UTSA-2026-016739)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016739 advisory. Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a...

EUVD-2022-0985

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2020-11988

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a...

Security update for javapackages-tools, xmlgraphics-batik, xmlgraphics-commons, xmlgraphics-fop

This update for javapackages-tools, xmlgraphics-batik, xmlgraphics-commons, xmlgraphics-fop fixes the following issues: xmlgraphics-fop was updated from version 2.8 to 2.10: Security issues fixed: CVE-2024-28168: Fixed improper restriction of XML External Entity XXE reference bsc1231428 Upstream...

SUSE-SU-2024:4054-1 Security update for javapackages-tools, xmlgraphics-batik, xmlgraphics-commons, xmlgraphics-fop

This update for javapackages-tools, xmlgraphics-batik, xmlgraphics-commons, xmlgraphics-fop fixes the following issues: xmlgraphics-fop was updated from version 2.8 to 2.10: - Security issues fixed: CVE-2024-28168: Fixed improper restriction of XML External Entity XXE reference bsc1231428 -...

SUSE: Security Advisory (SUSE-SU-2024:4054-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OPENSUSE-SU-2024:12403-1 xmlgraphics-commons-2.6-3.1 on GA media

These are all security issues fixed in the xmlgraphics-commons-2.6-3.1 package on the GA media of openSUSE Tumbleweed...

RHEL 7 : xmlgraphics-commons (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - xmlgraphics-commons: SSRF due to improper input validation by the XMPParser CVE-2020-11988 Note that Nessus has not...

RHEL 6 : xmlgraphics-commons (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - xmlgraphics-commons: SSRF due to improper input validation by the XMPParser CVE-2020-11988 Note that Nessus has not...

Fedora: Security Advisory for xmlgraphics-commons (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: xmlgraphics-commons-2.9-3.fc40

Apache XML Graphics Commons is a library that consists of several reusable components used by Apache Batik and Apache FOP. Many of these components can easily be used separately outside the domains of SVG and XSL-FO. You will find components such as a PDF library, an RTF library, Graphics2D...

Medium: xmlgraphics-commons

Issue Overview: Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET...

Amazon Linux 2 : xmlgraphics-commons (ALAS-2024-2411)

The version of xmlgraphics-commons installed on the remote host is prior to 1.5-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2411 advisory. Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input...

Oracle Business Intelligence Enterprise Edition (October 2023 CPU)

The version of Oracle Business Intelligence Enterprise Edition 12.2.1.4 installed on the remote host is affected by multiple vulnerabilities as referenced in the October 2023 CPU advisory, including the following: - Vulnerability in the Oracle Business Intelligence Enterprise Edition product of...

SUSE CVE-2020-11988

Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users...

SUSE SLES12 Security Update : xmlgraphics-commons (SUSE-SU-2022:3550-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:3550-1 advisory. - Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the...

SUSE-SU-2022:3550-1 Security update for xmlgraphics-commons

This update for xmlgraphics-commons fixes the following issues: - Update to version 2.6 - CVE-2020-11988: Fixed a server-side request forgery caused by improper input validation by the XMPParser. bsc281607...

ai.tock:tock-shared (>=19.9.4 <=26.3.1), ar.com.fdvs:DynamicJasper (>=5.1.2 <=5.3.2) +2614 more potentially affected by CVE-2020-11988 via org.apache.xmlgraphics:xmlgraphics-commons (>=1.1 <=2.4)

org.apache.xmlgraphics:xmlgraphics-commons MAVEN version =1.1, =19.9.4, =5.1.2, =1.0.7, =1.10.2, =1.13.0, =0.1.1, =0.5.0, =0.11.1, =0.0.2, =0.0.1, =0.0.1, =0.0.3 and more Source cves: CVE-2020-11988 Source advisory: OSV:GHSA-FMJ2-7WX8-QJ4V...

GHSA-FMJ2-7WX8-QJ4V Server-side request forgery (SSRF) in Apache XmlGraphics Commons

Apache XmlGraphics Commons 2.4 is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests...

Server-side request forgery (SSRF) in Apache XmlGraphics Commons

Apache XmlGraphics Commons 2.4 is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests...