XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x prior to 1.8 allows remote malicious users to read arbitrary files or cause a denial of service via a crafted SVG file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 14.10 |
||
apache batik |
||
redhat jboss enterprise brms platform |