Bug 1182748 (CVE-2020-11987)

Summary: VUL-0: CVE-2020-11987: xmlgraphics-batik: Apache XML Graphics Batik SSRF vulnerability
Product: [Novell Products] SUSE Security Incidents
Reporter: Gianluca Gabrielli <gianluca.gabrielli>
Component: Incidents
Assignee: Fridrich Strba <fstrba>
Status: NEW ---
QA Contact: Security Team bot <security-team>
Severity: Normal
Priority: P3 - Medium
CC: carlos.lopez, cathy.hu, meissner, smash_bz, thomas.leroy, thomas.schraitle
Version: unspecified
Target Milestone: ---
Hardware: Other
OS: Other
URL: https://smash.suse.de/issue/278506/
Whiteboard: CVSSv3.1:SUSE:CVE-2020-11987:5.8:(AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Description Gianluca Gabrielli 2021-02-25 12:58:07 UTC
CVE-2020-11987

Apache Batik 1.13 is vulnerable to server-side request forgery, caused by
improper input validation by the NodePickerPanel. By using a specially-crafted
argument, an attacker could exploit this vulnerability to cause the underlying
server to make arbitrary GET requests.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-11987
http://seclists.org/oss-sec/2021/q1/174
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11987
https://xmlgraphics.apache.org/security.html
Comment 1 Gianluca Gabrielli 2021-02-25 12:58:43 UTC
Affected packages:
 * SUSE:SLE-12-SP3:Update/xmlgraphics-batik (v. 1.8)
 * SUSE:SLE-15-SP2:Update/xmlgraphics-batik (v. 1.10)
 
Upstream patch:
 * 0ef5b66 [0]
 
 --
 [0] https://github.com/apache/xmlgraphics-batik/commit/0ef5b661a1f77772d1110877ea9e0287987098f6.patch
Comment 3 Thomas Leroy 2022-09-12 13:38:35 UTC
Any news Thomas?
Comment 5 Matej Cepl 2022-09-27 13:20:50 UTC
This is Java, not Python.