CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-41704 – Apache Batik prior to 1.16 allows RCE when loading untrusted SVG input
https://notcve.org/view.php?id=CVE-2022-41704
25 Oct 2022 — A vulnerability in Batik of Apache XML Graphics allows an attacker to run untrusted Java code from an SVG. This issue affects Apache XML Graphics prior to 1.16. It is recommended to update to version 1.16. Una vulnerabilidad en Batik de Apache XML Graphics permite a un atacante ejecutar código Java no confiable desde un SVG. Este problema afecta a Apache XML Graphics versiones anteriores a 1.16. • http://www.openwall.com/lists/oss-security/2022/10/25/2 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-42890 – Apache Batik prior to 1.16 allows RCE via scripting
https://notcve.org/view.php?id=CVE-2022-42890
25 Oct 2022 — A vulnerability in Batik of Apache XML Graphics allows an attacker to run Java code from untrusted SVG via JavaScript. This issue affects Apache XML Graphics prior to 1.16. Users are recommended to upgrade to version 1.16. Una vulnerabilidad en Batik de Apache XML Graphics permite a un atacante ejecutar código Java desde un SVG no confiable por medio de JavaScript. Este problema afecta a Apache XML Graphics versiones anteriores a 1.16. • http://www.openwall.com/lists/oss-security/2022/10/25/3 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 8.2EPSS: 0%CPEs: 37EXPL: 0CVE-2020-11987 – batik: SSRF due to improper input validation by the NodePickerPanel
https://notcve.org/view.php?id=CVE-2020-11987
24 Feb 2021 — Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Apache Batik versión 1.13 es vulnerable a un ataque de tipo server-side request forgery, causada por una comprobación de entrada inapropiada por parte de NodePickerPanel. Al usar un argumento especialmente diseñado, un atacante podría e... • https://lists.apache.org/thread.html/r2877ae10e8be56a3c52d03e373512ddd32f16b863f24c2e22f5a5ba2%40%3Cdev.poi.apache.org%3E • CWE-20: Improper Input Validation CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 7.5EPSS: 1%CPEs: 25EXPL: 0CVE-2019-17566 – batik: SSRF via "xlink:href"
https://notcve.org/view.php?id=CVE-2019-17566
06 Nov 2020 — Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Apache Batik es vulnerable a un ataque de tipo server-side request forgery, causada por una comprobación inapropiada de la entrada por parte de los atributos "xlink:href". Al utilizar un argumento especialmente diseñado, un atacante ... • https://lists.apache.org/thread.html/rab94fe68b180d2e2fba97abf6fe1ec83cff826be25f86cd90f047171%40%3Ccommits.myfaces.apache.org%3E • CWE-352: Cross-Site Request Forgery (CSRF) CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 9.8EPSS: 1%CPEs: 41EXPL: 0CVE-2018-8013 – Gentoo Linux Security Advisory 202401-11
https://notcve.org/view.php?id=CVE-2018-8013
24 May 2018 — In Apache Batik 1.x before 1.10, when deserializing subclass of `AbstractDocument`, the class takes a string from the inputStream as the class name which then use it to call the no-arg constructor of the class. Fix was to check the class type before calling newInstance in deserialization. En Apache Batik en versiones 1.x anteriores a la 1.10, cuando se deserializa la subclase de "AbstractDocument", la clase toma una cadena de inputStream como el nombre de clase y lo emplea para llamar al constructor no-arg ... • http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.9EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5662 – batik: XML external entity processing vulnerability
https://notcve.org/view.php?id=CVE-2017-5662
18 Apr 2017 — In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user is root a full compromise of the server - including confidential or sensitive files - would be possible. XXE can also be used to attack the availability of the server via denial of service as the references within a xml document... • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 6.5EPSS: 1%CPEs: 5EXPL: 1CVE-2015-0250 – Schneider Electric EcoStruxure Data Center Expert XML External Entity Processing Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2015-0250
23 Mar 2015 — XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file. Vulnerabilidad de entidad externa XML (XXE) en los gráficos vectoriales redimensionables en las clases de conversión (1) PNG y (2) JPG en Apache Batik 1.x anterior a 1.8 permite a atacantes remotos leer ficheros arbitrarios o causar una denegación de servicio a través de un fichero de g... • http://advisories.mageia.org/MGASA-2015-0138.html • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 9.1EPSS: 0%CPEs: 4EXPL: 0CVE-2005-0508
https://notcve.org/view.php?id=CVE-2005-0508
22 Feb 2005 — Unknown vulnerability in Squiggle for Batik before 1.5.1 allows attackers to bypass certain access controls via certain features of the Rhino scripting engine due to a "script security issue." • http://secunia.com/advisories/14336 •