Bugzilla – Bug 1203674
VUL-0: CVE-2022-38398: xmlgraphics-batik: information disclosure vulnerability
Last modified: 2022-10-10 16:49:19 UTC
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics
allows an attacker to load a url thru the jar protocol. This issue affects
Apache XML Graphics Batik 1.14.
Thanks Robert for your report.
I'm no longer maintainer or bugowner for Java related packages. This is done by Fridrich Strba now. Thanks Fridrich for taking over!
tracking as affected: