Apache XmlGraphics Commons 2.4 and previous versions is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users should upgrade to 2.6 or later.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache xmlgraphics commons |
||
fedoraproject fedora 33 |
||
fedoraproject fedora 34 |