fop
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | XSL-FO to PDF formatter |
| Version | 2.9-1 [extra] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-254 | 2.1-1 | 2.2-1 | Medium | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2017-5661 | AVG-254 | Medium | Yes | Xml external entity injection | Files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG files. The file types that... |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 21 May 2017 | ASA-201705-19 | AVG-254 | Medium | xml external entity injection |