An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: GSA_kwCzR0hTQS1jNXh2LXFjOHAtbWgyds4AAu_9

Apache Batik Server-Side Request Forgery

Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14.

Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: almost 2 years ago
Updated: 6 months ago

CVSS Score: 5.3
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Identifiers: GHSA-c5xv-qc8p-mh2v, CVE-2022-38398
References: Blast Radius: 4.1

Affected Packages

Dependent packages: 0
Dependent repositories: 6
Affected Version Ranges: >= 1.0, < 1.15
Fixed in: 1.15
All affected versions: 1.9.1
All unaffected versions: