Lucene search

K
ubuntucveUbuntu.comUB:CVE-2022-41704
HistoryOct 25, 2022 - 12:00 a.m.

CVE-2022-41704

2022-10-2500:00:00
ubuntu.com
ubuntu.com
33
apache xml graphics
vulnerability
untrusted code
svg
update
unix

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.011

Percentile

84.5%

A vulnerability in Batik of Apache XML Graphics allows an attacker to run
untrusted Java code from an SVG. This issue affects Apache XML Graphics
prior to 1.16. It is recommended to update to version 1.16.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchbatik< 1.10-2~18.04.1UNKNOWN
ubuntu20.04noarchbatik< 1.12-1ubuntu0.1UNKNOWN
ubuntu22.04noarchbatik< 1.14-1ubuntu0.2UNKNOWN
ubuntu22.10noarchbatik< 1.14-2ubuntu0.1UNKNOWN
ubuntu24.04noarchbatik< anyUNKNOWN
ubuntu14.04noarchbatik< 1.7.ubuntu-8ubuntu2.14.04.3+esm1UNKNOWN
ubuntu16.04noarchbatik< 1.8-3ubuntu1+esm1UNKNOWN

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.011

Percentile

84.5%