59 matches found
CVE-2020-11988
Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users...
Apache XmlGraphics Commons Server-Side Request Forgery Vulnerability
Apache XmlGraphics Commons is an Apache open source system library that provides several reusable libraries. Apache XmlGraphics Commons 2.4 suffers from a server-side request forgery vulnerability that stems from the failure of XMPParser to properly validate inputs, which can be exploited by an attack...
CVE-2020-11988
Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users...
DEBIAN-CVE-2020-11988
Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users...
CVE-2020-11988
Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users...
CVE-2020-11988
Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users...
UBUNTU-CVE-2020-11988
Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users...
CVE-2020-11988
Apache XmlGraphics Commons 2.4 and earlier are vulnerable to server-side request forgery (SSRF) via the XMPParser due to improper input validation. An attacker could trigger the server to make arbitrary GET requests. Remediation is to upgrade to 2.6 or later. Connected documents (IBM, Astra Linux...
CVE-2020-11988
Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users...
CVE-2020-11988
Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users...
PT-2021-5808 · Apache +3 · Apache Xmlgraphics Commons +3
Name of the Vulnerable Software and Affected Versions: Apache XmlGraphics Commons versions 2.4 and earlier Description: The issue is related to server-side request forgery caused by improper input validation by the XMPParser. An attacker could exploit this by using a specially-crafted argument to...
OPENSUSE-SU-2020:1043-1 Security update for xmlgraphics-batik
This update for xmlgraphics-batik fixes the following issues: - CVE-2019-17566: Fixed a SSRF which might have allowed the underlying server to make arbitrary GET requests bsc1172961. This update was imported from the SUSE:SLE-15-SP1:Update update project. This update was imported from the...
Security update for xmlgraphics-batik (moderate)
openSUSE Security Update: Security update for xmlgraphics-batik Announcement ID: openSUSE-SU-2020:1043-1 Rating: moderate References: 1172961 Cross-References: CVE-2019-17566 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes one vulnerability is now available. Description: Thi...
openSUSE Security Update : xmlgraphics-batik (openSUSE-2020-851)
This update for xmlgraphics-batik fixes the following issues: - CVE-2019-17566: Fixed a SSRF which might have allowed the underlying server to make arbitrary GET requests bsc1172961. This update was imported from the SUSE:SLE-15-SP1:Update update project. (C) Tenable Network Security, Inc. The...
SUSE-SU-2020:1800-1 Security update for xmlgraphics-batik
This update for xmlgraphics-batik fixes the following issues: - CVE-2019-17566: Fixed a SSRF which might have allowed the underlying server to make arbitrary GET requests bsc1172961...
openSUSE: Security Advisory for xmlgraphics-batik (openSUSE-SU-2020:0851-1)
The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2020:0851-1 Security update for xmlgraphics-batik
This update for xmlgraphics-batik fixes the following issues: - CVE-2019-17566: Fixed a SSRF which might have allowed the underlying server to make arbitrary GET requests bsc1172961. This update was imported from the SUSE:SLE-15-SP1:Update update project...
Security update for xmlgraphics-batik (moderate)
openSUSE Security Update: Security update for xmlgraphics-batik Announcement ID: openSUSE-SU-2020:0851-1 Rating: moderate References: 1172961 Cross-References: CVE-2019-17566 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update fo...
Fedora 25 : batik (2017-43b46cd2da)
Security fix for CVE-2017-5662 ---- Add missing requires on xmlgraphics-commons Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...