Amazon Linux 2 : xmlgraphics-commons (ALAS-2024-2411)

The version of xmlgraphics-commons installed on the remote host is prior to 1.5-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2411 advisory. Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input...

Oracle Business Intelligence Enterprise Edition (October 2023 CPU)

The version of Oracle Business Intelligence Enterprise Edition 12.2.1.4 installed on the remote host is affected by multiple vulnerabilities as referenced in the October 2023 CPU advisory, including the following: - Vulnerability in the Oracle Business Intelligence Enterprise Edition product of...

SUSE CVE-2020-11988

Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users...

SUSE SLES12 Security Update : xmlgraphics-commons (SUSE-SU-2022:3550-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:3550-1 advisory. - Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the...

SUSE-SU-2022:3550-1 Security update for xmlgraphics-commons

This update for xmlgraphics-commons fixes the following issues: - Update to version 2.6 - CVE-2020-11988: Fixed a server-side request forgery caused by improper input validation by the XMPParser. bsc281607...

ca.ace-design-lab:island-arena (=3.0), ca.ace-design-lab:island-engine (=3.0) +386 more potentially affected by CVE-2017-5661 via org.apache.xmlgraphics:fop (>=0.93 <=2.11)

org.apache.xmlgraphics:fop MAVEN version =0.93, =2.0.8, =2.0.8, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.1.2 and more Source cves: CVE-2017-5661 Source advisory: OSV:GHSA-5HG8-R9VQ-GJQP...

ai.tock:tock-shared (>=19.9.4 <=26.3.2), ai.wavemaker.app.build:wavemaker-app-build-maven-plugin (>=1.0.0-20260516144515 <=1.0.0.ee-20260516142404) +2637 more potentially affected by CVE-2020-11988 via org.apache.xmlgraphics:xmlgraphics-commons (>=1.1 <=2.4)

org.apache.xmlgraphics:xmlgraphics-commons MAVEN version =1.1, =19.9.4, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =5.1.2, =1.0.7, =1.10.2, =1.13.0, =1.16.0...

GHSA-FMJ2-7WX8-QJ4V Server-side request forgery (SSRF) in Apache XmlGraphics Commons

Apache XmlGraphics Commons 2.4 is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests...

Server-side request forgery (SSRF) in Apache XmlGraphics Commons

Apache XmlGraphics Commons 2.4 is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests...

Mageia: Security Advisory (MGASA-2021-0144)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Vulnerability of XML format conversion software in xmlgraphics-commons, due to insufficient validation of input data, allows attackers to access confidential information and compromise its integrity.

The vulnerability of XML format conversion software in xmlgraphics-commons is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain access to confidential data and compromise its integrity...

Critical: Red Hat Security Advisory: Red Hat Fuse 7.10.0 release and security update

A minor version update from 7.9 to 7.10 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring...

xmlgraphics-commons: SSRF due to improper input validation by the XMPParser

Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users...

Moderate: Red Hat Security Advisory: Red Hat Decision Manager 7.11.0 security update

An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...

xmlgraphics-commons: SSRF due to improper input validation by the XMPParser

Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users...

Fedora 33 : xmlgraphics-commons (2021-c07a9e79cf)

The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-c07a9e79cf advisory. - Apache XmlGraphics Commons 2.4 is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a...

Fedora: Security Advisory for xmlgraphics-commons (FEDORA-2021-c07a9e79cf)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for xmlgraphics-commons (FEDORA-2021-c07a9e79cf)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for xmlgraphics-commons (FEDORA-2021-aa2936e810)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

MGASA-2021-0144 Updated xmlgraphics-commons packages fix a security vulnerability

The Apache XML Graphics Commons library is vulnerable to SSRF via the XMPParser that allow an attacker to cause the underlying server to make arbitrary GET requests CVE-2020-11988...