CVE-2020-11988 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	Yes
Type	Url request injection
Description	The Apache XML Graphics Commons library before version 2.6 is vulnerable to server-side request forgery (SSRF) via the XMPParser that allow an attacker to cause the underlying server to make arbitrary GET requests.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1618	java-xmlgraphics-commons	2.4-2	2.6-1	Medium	Fixed

References
https://www.openwall.com/lists/oss-security/2021/02/24/1 https://xmlgraphics.apache.org/security.html https://issues.apache.org/jira/browse/XGC-122 https://svn.apache.org/viewvc?view=revision&revision=1878394

References

https://www.openwall.com/lists/oss-security/2021/02/24/1
https://xmlgraphics.apache.org/security.html
https://issues.apache.org/jira/browse/XGC-122
https://svn.apache.org/viewvc?view=revision&revision=1878394