AVG-1617 log

Package java-batik
Status Fixed
Severity Medium
Type url request injection
Affected 1.13-1
Fixed 1.14-1
Current 1.14-1 [community]
Ticket None
Created Wed Feb 24 14:18:00 2021
Issue Severity Remote Type Description
CVE-2020-11987 Medium Yes Url request injection
The Apache Batik library before version 1.14 is vulnerable to server- side request forgery (SSRF) via the NodePickerPanel that allow an attacker to cause...