CVE-2022-42890

Published: 25/10/2022 Updated: 07/01/2024
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

A vulnerability in Batik of Apache XML Graphics allows a malicious user to run Java code from untrusted SVG via JavaScript. This issue affects Apache XML Graphics before 1.16. Users are recommended to upgrade to version 1.16.

Vulnerable Product

apache batik

debian debian linux 10.0

debian debian linux 11.0

Vendor Advisories

Synopsis: Critical: Red Hat Fuse 7.12 release and security update. Type/Severity: Security Advisory: Critical. Topic: A minor version update (from 7.11 to 7.12) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as h ...
It was discovered that Apache Batik, an SVG library for Java, allowed attackers to run arbitrary Java code by processing a malicious SVG file. For the stable distribution (bullseye), these problems have been fixed in version 1.12-4+deb11u1. We recommend that you upgrade your batik packages. For the detailed security status of batik please refer to i ...
Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests (CVE-2020-11987). Server-Side Request Forgery (SSRF) vulnerability in Batik of A ...