Vulmon
Apache Batik 1.14 vulnerabilities and exploits
5.3
CVSSv3
CVE-2022-38648
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows a malicious user to fetch external resources. This issue affects Apache XML Graphics Batik 1.14.
Apache Batik 1.14
Debian Debian Linux 10.0
5.3
CVSSv3
CVE-2022-38398
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows a malicious user to load a URL through the jar protocol. This issue affects Apache XML Graphics Batik 1.14.
Apache Batik 1.14
Debian Debian Linux 10.0
7.5
CVSSv3
CVE-2022-40146
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows a malicious user to access files using a Jar URL. This issue affects Apache XML Graphics Batik 1.14.
Apache Batik 1.14
Debian Debian Linux 10.0
7.5
CVSSv3
CVE-2022-42890
A vulnerability in Batik of Apache XML Graphics allows a malicious user to run Java code from untrusted SVG via JavaScript. This issue affects Apache XML Graphics before 1.16. Users are recommended to upgrade to version 1.16.
Apache Batik
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.5
CVSSv3
CVE-2022-41704
A vulnerability in Batik of Apache XML Graphics allows a malicious user to run untrusted Java code from an SVG. This issue affects Apache XML Graphics before 1.16. It is recommended to update to version 1.16.
Apache Batik
Debian Debian Linux 10.0
Debian Debian Linux 11.0
8.2
CVSSv3
CVE-2020-11987
Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.
Apache Batik
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Oracle Enterprise Repository 11.1.1.7.0
Oracle Retail Back Office 14.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Retail Order Broker 15.0
Oracle Retail Order Broker 16.0
Oracle Retail Returns Management 14.1
Oracle Retail Central Office 14.1
Oracle Retail Point-of-service 14.1
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Communications Metasolv Solution 6.3.0
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
Oracle Weblogic Server 12.2.1.4.0
Oracle Fusion Middleware Mapviewer 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Banking Digital Experience 19.2
Oracle Banking Digital Experience 20.1
1 GitHub repository