Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.apache.xmlgraphics/batik-dom@1.15
purl pkg:maven/org.apache.xmlgraphics/batik-dom@1.15
Next non-vulnerable version 1.16
Latest non-vulnerable version 1.16
Risk 4.0
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-ewrb-sx6p-mqbj
Aliases:
CVE-2022-41704
GHSA-r29w-r9ph-vm76
A vulnerability in Batik of Apache XML Graphics allows an attacker to run untrusted Java code from an SVG. This issue affects Apache XML Graphics prior to 1.16. It is recommended to update to version 1.16.
1.16
Affected by 0 other vulnerabilities.
VCID-hmf4-tru4-x7aj
Aliases:
CVE-2022-42890
GHSA-rwqr-m72q-v6cm
A vulnerability in Batik of Apache XML Graphics allows an attacker to run Java code from untrusted SVG via JavaScript. This issue affects Apache XML Graphics prior to 1.16. Users are recommended to upgrade to version 1.16.
1.16
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (3)
Vulnerability Summary Aliases
VCID-37s5-46dd-5fgm Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. This issue affects Apache XML Graphics Batik 1.14. CVE-2022-38648
GHSA-53jm-3hc9-fqqc
VCID-kmrp-p4uh-27dm Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14. CVE-2022-40146
GHSA-h4qg-p7r2-cpg3
VCID-vuwh-jn2m-n3ht Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14. CVE-2022-38398
GHSA-c5xv-qc8p-mh2v

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-06T03:07:47.392266+00:00 GitLab Importer Affected by VCID-ewrb-sx6p-mqbj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.xmlgraphics/batik-dom/CVE-2022-41704.yml 38.6.0
2026-06-06T03:07:32.522622+00:00 GitLab Importer Affected by VCID-hmf4-tru4-x7aj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.xmlgraphics/batik-dom/CVE-2022-42890.yml 38.6.0
2026-06-05T17:12:13.641255+00:00 GitLab Importer Fixing VCID-kmrp-p4uh-27dm https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.xmlgraphics/batik-dom/CVE-2022-40146.yml 38.6.0
2026-06-05T17:12:13.583550+00:00 GitLab Importer Fixing VCID-vuwh-jn2m-n3ht https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.xmlgraphics/batik-dom/CVE-2022-38398.yml 38.6.0
2026-06-05T17:12:13.218802+00:00 GitLab Importer Fixing VCID-37s5-46dd-5fgm https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.xmlgraphics/batik-dom/CVE-2022-38648.yml 38.6.0