Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-41704

A vulnerability in Batik of Apache XML Graphics allows an attacker to run untrusted Java code from an SVG. This issue affects Apache XML Graphics prior to 1.16. It is recommended to update to version 1.16.

Published

2022-10-25T17:15:57.527

Last Modified

2024-11-21T07:23:41.227

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Primary
CWE-918

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	apache	batik	< 1.16	Yes
Operating System	debian	debian_linux	10.0	Yes
Operating System	debian	debian_linux	11.0	Yes

References

http://www.openwall.com/lists/oss-security/2022/10/25/2 Mailing List, Third Party Advisory ([email protected])
https://lists.apache.org/thread/hplhx0o74jb7blj39fm4kw3otcnjd6xf Vendor Advisory ([email protected])
https://lists.debian.org/debian-lts-announce/2022/10/msg00038.html Mailing List, Third Party Advisory ([email protected])
https://security.gentoo.org/glsa/202401-11 ([email protected])
https://www.debian.org/security/2022/dsa-5264 Third Party Advisory ([email protected])
http://www.openwall.com/lists/oss-security/2022/10/25/2 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread/hplhx0o74jb7blj39fm4kw3otcnjd6xf Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2022/10/msg00038.html Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://security.gentoo.org/glsa/202401-11 (af854a3a-2127-422b-91ae-364da2661108)
https://www.debian.org/security/2022/dsa-5264 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)