Published: 24/02/2021 Updated: 01/02/2024

CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10

CVSS v3 Base Score: 8.2 | Impact Score: 4.2 | Exploitability Score: 3.9

VMScore: 570

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. (CVE-2020-11987) Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an malicious user to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14. (CVE-2022-38398) Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an malicious user to fetch external resources. This issue affects Apache XML Graphics Batik 1.14. (CVE-2022-38648) Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an malicious user to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14. (CVE-2022-40146) A vulnerability in Batik of Apache XML Graphics allows an malicious user to run untrusted Java code from an SVG. This issue affects Apache XML Graphics before 1.16. It is recommended to update to version 1.16. (CVE-2022-41704) A vulnerability in Batik of Apache XML Graphics allows an malicious user to run Java code from untrusted SVG via JavaScript. This issue affects Apache XML Graphics before 1.16. Users are recommended to upgrade to version 1.16. (CVE-2022-42890)

Vulnerable Product	Search on Vulmon	Subscribe to Product
apache batik
fedoraproject fedora 33
fedoraproject fedora 34
oracle enterprise repository 11.1.1.7.0
oracle retail back office 14.1
oracle weblogic server 12.2.1.3.0
oracle retail order broker 15.0
oracle retail order broker 16.0
oracle retail returns management 14.1
oracle retail central office 14.1
oracle retail point-of-service 14.1
oracle instantis enterprisetrack 17.1
oracle instantis enterprisetrack 17.2
oracle instantis enterprisetrack 17.3
oracle communications metasolv solution 6.3.0
oracle banking digital experience 18.3
oracle banking digital experience 19.1
oracle weblogic server 12.2.1.4.0
oracle fusion middleware mapviewer 12.2.1.4.0
oracle weblogic server 14.1.1.0.0
oracle banking digital experience 19.2
oracle banking digital experience 20.1
oracle communications offline mediation controller 12.0.0.3.0
oracle agile engineering data management 6.2.1.0
oracle communications metasolv solution 6.3.1
oracle communications application session controller 3.9m0p3
oracle insurance policy administration
oracle retail order management system cloud service 19.5
oracle flexcube universal banking
oracle banking digital experience 21.1
oracle banking apis 19.1
oracle banking apis 19.2
oracle banking apis 20.1
oracle banking apis 21.1
oracle banking apis 18.3
oracle product lifecycle analytics 3.6.1
debian debian linux 10.0

Debian Bug report logs - #984829 batik: CVE-2020-11987 Package: src:batik; Maintainer for src:batik is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 8 Mar 2021 19:54:01 UTC Severity: important Tags: security, upstream Found i ...

Apache Batik 113 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests (CVE-2020-11987) Server-Side Request Forgery (SSRF) vulnerability in Batik of A ...

Apache Batik 113 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests ...

The Apache Batik library before version 114 is vulnerable to server-side request forgery (SSRF) via the NodePickerPanel that allow an attacker to cause the underlying server to make arbitrary GET requests ...

An HTML to PDF library for the JVM. Based on Flying Saucer and Apache PDF-BOX 2. With SVG image support. Now also with accessible PDF support (WCAG, Section 508, PDF/UA)!

OPEN HTML TO PDF OVERVIEW Open HTML to PDF is a pure-Java library for rendering a reasonable subset of well-formed XML/XHTML (and even some HTML5) using CSS 21 (and later standards) for layout and formatting, outputting to PDF or images Use this library to generated nice looking PDF documents But be aware that you can not throw modern HTML5+ at this engine and expect a grea

CWE-20 CWE-918 https://xmlgraphics.apache.org/security.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuoct2021.html https://www.oracle.com/security-alerts/cpujan2022.html https://www.oracle.com/security-alerts/cpujul2022.html https://lists.debian.org/debian-lts-announce/2023/10/msg00021.html https://lists.apache.org/thread.html/r588d05a0790b40a0eb81088252e1e8c1efb99706631421f17038eb05%40%3Cdev.poi.apache.org%3E https://lists.apache.org/thread.html/r2877ae10e8be56a3c52d03e373512ddd32f16b863f24c2e22f5a5ba2%40%3Cdev.poi.apache.org%3E https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W7EAYO5XIHD6OIEA3HPK64UDDBSLNAC5/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JEDID4DAVPECE6O4QQCSIS75BLLBUUAM/https://security.gentoo.org/glsa/202401-11 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984829 https://nvd.nist.gov https://github.com/danfickle/openhtmltopdf https://alas.aws.amazon.com/ALAS-2023-1695.html

CVE-2020-11987

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect