Bugzilla – Bug 1203672
VUL-0: CVE-2022-40146: xmlgraphics-batik: information disclosure vulnerability
Last modified: 2022-10-10 16:49:12 UTC
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics
allows an attacker to access files using a Jar url. This issue affects Apache
XML Graphics Batik 1.14.
Thanks Robert for your report.
I'm no longer maintainer or bugowner for Java related packages. This is done by Fridrich Strba now. Thanks Fridrich for taking over!
tracking as affected: