AVG-1617 log
| Package | java-batik |
| Status | Fixed |
| Severity | Medium |
| Type | url request injection |
| Affected | 1.13-1 |
| Fixed | 1.14-1 |
| Current | 1.17-1 [extra] |
| Ticket | None |
| Created | Wed Feb 24 14:18:00 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2020-11987 | Medium | Yes | Url request injection | The Apache Batik library before version 1.14 is vulnerable to server- side request forgery (SSRF) via the NodePickerPanel that allow an attacker to cause... |