Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:37690
HistoryOct 26, 2022 - 8:41 a.m.

Information Disclosure

2022-10-2608:41:08
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
information disclosure
vulnerability
batik-script
rhinoclassshutter.java
arbitrary codes

EPSS

0.009

Percentile

83.1%

batik-script is vulnerable to information disclosure. The vulnerability is due to the visibleToScripts function in RhinoClassShutter.java not restricting access to batik internals from script which allows an attacker to execute arbitrary codes.