org.apache.xmlgraphics:batik-bridge
Maven4 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting org.apache.xmlgraphics:batik-bridgepage 1 of 1
- CVE-2022-38398MEDIUMCVSS 5.3EG 5.3✓ Fixed in 1.152022-09-22
vulnerable: 1.14
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14.
- CVE-2022-38648MEDIUMCVSS 5.3EG 5.3✓ Fixed in 1.152022-09-22
vulnerable: 1.10 ... 1.9.1 (10 versions)
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. This issue affects Apache XML Graphics Batik 1.14.
- CVE-2022-42890HIGHCVSS 7.5EG 7.5✓ Fixed in 1.162022-10-25
vulnerable: 1.10 ... 1.9.1 (11 versions)
A vulnerability in Batik of Apache XML Graphics allows an attacker to run Java code from untrusted SVG via JavaScript. This issue affects Apache XML Graphics prior to 1.16. Users are recommended to upgrade to version 1.16.
- CVE-2022-44729HIGHCVSS 7.1EG 7.1✓ Fixed in 1.172023-08-22
vulnerable: 1.10 ... 1.9.1 (12 versions)
Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On version 1.16, a malicious SVG could trigger loading external resources by defa…
Check whether org.apache.xmlgraphics:batik-bridge is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.apache.xmlgraphics:batik-bridge CVEs against the assets you own.
Start Free Scan →