Vulnerabilities > Apache > Batik > 1.14

DATE CVE VULNERABILITY TITLE RISK
2022-10-25 CVE-2022-41704 Server-Side Request Forgery (SSRF) vulnerability in multiple products
A vulnerability in Batik of Apache XML Graphics allows an attacker to run untrusted Java code from an SVG.
network
low complexity
apache debian CWE-918
7.5
7.5
2022-10-25 CVE-2022-42890 Server-Side Request Forgery (SSRF) vulnerability in multiple products
A vulnerability in Batik of Apache XML Graphics allows an attacker to run Java code from untrusted SVG via JavaScript.
network
low complexity
apache debian CWE-918
7.5
7.5
2022-09-22 CVE-2022-38398 Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol.
network
low complexity
apache debian
5.3
5.3
2022-09-22 CVE-2022-38648 Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources.
network
low complexity
apache debian
5.3
5.3
2022-09-22 CVE-2022-40146 Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url.
network
low complexity
apache debian
7.5
7.5