java-batik

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description SVG library for Java.
Version 1.14-1 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-1617 1.13-1 1.14-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2020-11987 AVG-1617 Medium Yes Url request injection
The Apache Batik library before version 1.14 is vulnerable to server- side request forgery (SSRF) via the NodePickerPanel that allow an attacker to cause...