A vulnerability in Batik of Apache XML Graphics allows an attacker to run untrusted Java code from an SVG. This issue affects Apache XML Graphics prior to 1.16. It is recommended to update to version 1.16.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2022/10/25/2 | Mailing List Third Party Advisory |
https://lists.apache.org/thread/hplhx0o74jb7blj39fm4kw3otcnjd6xf | Vendor Advisory |
https://lists.debian.org/debian-lts-announce/2022/10/msg00038.html | Mailing List Third Party Advisory |
https://security.gentoo.org/glsa/202401-11 | |
https://www.debian.org/security/2022/dsa-5264 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: apache
Published: 2022-10-25T00:00:00
Updated: 2024-01-07T11:06:25.134503
Reserved: 2022-09-28T00:00:00
Link: CVE-2022-41704
JSON object: View
NVD Information
Status : Modified
Published: 2022-10-25T17:15:57.527
Modified: 2024-01-07T11:15:10.407
Link: CVE-2022-41704
JSON object: View
Redhat Information
No data.
CWE