CVE-2022-38398

Опубликовано: 22 сент. 2022

Источник: ubuntu

Приоритет: medium

CVSS3: 5.3

Описание

Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14.

Релиз	Статус	Примечание
bionic	released	1.10-2~18.04.1
devel	needs-triage
esm-apps/bionic	released	1.10-2~18.04.1
esm-apps/focal	released	1.12-1ubuntu0.1
esm-apps/jammy	released	1.14-1ubuntu0.2
esm-apps/noble	needs-triage
esm-apps/xenial	released	1.8-3ubuntu1+esm1
esm-infra-legacy/trusty	DNE	trusty/esm was released [1.7.ubuntu-8ubuntu2.14.04.3+esm1]
focal	released	1.12-1ubuntu0.1
jammy	released	1.14-1ubuntu0.2

Показывать по

Ссылки на источники

5.3 Medium

CVSS3

Связанные уязвимости

CVE-2022-38398

CVSS3: 5.3

redhat

больше 3 лет назад

Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14.

CVE-2022-38398

CVSS3: 5.3

nvd

больше 3 лет назад

Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14.

CVE-2022-38398

CVSS3: 5.3

debian

больше 3 лет назад

Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XM ...

GHSA-c5xv-qc8p-mh2v

CVSS3: 5.3

github

больше 3 лет назад

Apache Batik Server-Side Request Forgery

SUSE-SU-2024:0777-1

suse-cvrf

почти 2 года назад

Security update for xmlgraphics-batik

5.3 Medium

CVSS3

CVE-2022-38398

Описание

Пакет batik

Ссылки на источники

Связанные уязвимости