Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache batik 1.14 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-38398
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an malicious user to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14.
Apache Batik 1.14
Debian Debian Linux 10.0
NA
CVE-2022-38648
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an malicious user to fetch external resources. This issue affects Apache XML Graphics Batik 1.14.
Apache Batik 1.14
Debian Debian Linux 10.0
NA
CVE-2022-40146
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an malicious user to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14.
Apache Batik 1.14
Debian Debian Linux 10.0
NA
CVE-2022-41704
A vulnerability in Batik of Apache XML Graphics allows an malicious user to run untrusted Java code from an SVG. This issue affects Apache XML Graphics before 1.16. It is recommended to update to version 1.16.
Apache Batik
Debian Debian Linux 10.0
Debian Debian Linux 11.0
NA
CVE-2022-42890
A vulnerability in Batik of Apache XML Graphics allows an malicious user to run Java code from untrusted SVG via JavaScript. This issue affects Apache XML Graphics before 1.16. Users are recommended to upgrade to version 1.16.
Apache Batik
Debian Debian Linux 10.0
Debian Debian Linux 11.0
570
VMScore
CVE-2020-11987
Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.
Apache Batik
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Oracle Enterprise Repository 11.1.1.7.0
Oracle Retail Back Office 14.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Retail Order Broker 15.0
Oracle Retail Order Broker 16.0
Oracle Retail Returns Management 14.1
Oracle Retail Central Office 14.1
Oracle Retail Point-of-service 14.1
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Communications Metasolv Solution 6.3.0
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
Oracle Weblogic Server 12.2.1.4.0
Oracle Fusion Middleware Mapviewer 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Banking Digital Experience 19.2
Oracle Banking Digital Experience 20.1
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started