Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.apache.xmlgraphics/batik-bridge@1.15
purl pkg:maven/org.apache.xmlgraphics/batik-bridge@1.15
Next non-vulnerable version 1.17
Latest non-vulnerable version 1.17
Risk 4.0
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-ewrb-sx6p-mqbj
Aliases:
CVE-2022-41704
GHSA-r29w-r9ph-vm76
A vulnerability in Batik of Apache XML Graphics allows an attacker to run untrusted Java code from an SVG. This issue affects Apache XML Graphics prior to 1.16. It is recommended to update to version 1.16.
1.16
Affected by 1 other vulnerability.
VCID-hmf4-tru4-x7aj
Aliases:
CVE-2022-42890
GHSA-rwqr-m72q-v6cm
A vulnerability in Batik of Apache XML Graphics allows an attacker to run Java code from untrusted SVG via JavaScript. This issue affects Apache XML Graphics prior to 1.16. Users are recommended to upgrade to version 1.16.
1.16
Affected by 1 other vulnerability.
VCID-zxeg-w6n7-cbe3
Aliases:
CVE-2022-44729
GHSA-gq5f-xv48-2365
Apache XML Graphics Batik Server-Side Request Forgery vulnerability Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even information disclosure. Users are recommended to upgrade to version 1.17 or later.
1.17
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (3)
Vulnerability Summary Aliases
VCID-37s5-46dd-5fgm Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. This issue affects Apache XML Graphics Batik 1.14. CVE-2022-38648
GHSA-53jm-3hc9-fqqc
VCID-kmrp-p4uh-27dm Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14. CVE-2022-40146
GHSA-h4qg-p7r2-cpg3
VCID-vuwh-jn2m-n3ht Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14. CVE-2022-38398
GHSA-c5xv-qc8p-mh2v

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-06T04:03:12.084686+00:00 GitLab Importer Affected by VCID-zxeg-w6n7-cbe3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.xmlgraphics/batik-bridge/CVE-2022-44729.yml 38.6.0
2026-06-06T03:07:56.142845+00:00 GitLab Importer Affected by VCID-ewrb-sx6p-mqbj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.xmlgraphics/batik-bridge/CVE-2022-41704.yml 38.6.0
2026-06-06T03:07:51.882201+00:00 GitLab Importer Affected by VCID-hmf4-tru4-x7aj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.xmlgraphics/batik-bridge/CVE-2022-42890.yml 38.6.0
2026-06-05T21:35:52.449530+00:00 GHSA Importer Fixing VCID-37s5-46dd-5fgm https://github.com/advisories/GHSA-53jm-3hc9-fqqc 38.6.0
2026-06-05T21:35:52.189269+00:00 GHSA Importer Fixing VCID-vuwh-jn2m-n3ht https://github.com/advisories/GHSA-c5xv-qc8p-mh2v 38.6.0
2026-06-05T17:12:16.822168+00:00 GitLab Importer Fixing VCID-kmrp-p4uh-27dm https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.xmlgraphics/batik-bridge/CVE-2022-40146.yml 38.6.0
2026-06-05T17:12:16.024605+00:00 GitLab Importer Fixing VCID-37s5-46dd-5fgm https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.xmlgraphics/batik-bridge/CVE-2022-38648.yml 38.6.0
2026-06-05T17:12:15.784277+00:00 GitLab Importer Fixing VCID-vuwh-jn2m-n3ht https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.xmlgraphics/batik-bridge/CVE-2022-38398.yml 38.6.0
2026-06-04T17:46:16.706410+00:00 GithubOSV Importer Fixing VCID-vuwh-jn2m-n3ht https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/09/GHSA-c5xv-qc8p-mh2v/GHSA-c5xv-qc8p-mh2v.json 38.6.0
2026-06-04T17:46:08.084309+00:00 GithubOSV Importer Fixing VCID-37s5-46dd-5fgm https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/09/GHSA-53jm-3hc9-fqqc/GHSA-53jm-3hc9-fqqc.json 38.6.0