VulnerableCode Package Details - pkg:maven/org.apache.xmlgraphics/batik-script@1.16

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/org.apache.xmlgraphics/batik-script@1.16

purl	pkg:maven/org.apache.xmlgraphics/batik-script@1.16

Next non-vulnerable version	1.17
Latest non-vulnerable version	1.17
Risk

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-q3pc-1rx9-8khw Aliases: CVE-2022-44730 GHSA-2474-2566-3qxp	Apache Batik information disclosure vulnerability Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A malicious SVG can probe user profile / data and send it directly as parameter to a URL.	1.17 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-hmf4-tru4-x7aj	A vulnerability in Batik of Apache XML Graphics allows an attacker to run Java code from untrusted SVG via JavaScript. This issue affects Apache XML Graphics prior to 1.16. Users are recommended to upgrade to version 1.16.	CVE-2022-42890 GHSA-rwqr-m72q-v6cm

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-06T04:03:14.826178+00:00	GitLab Importer	Affected by	VCID-q3pc-1rx9-8khw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.xmlgraphics/batik-script/CVE-2022-44730.yml	38.6.0
2026-06-05T17:12:56.523314+00:00	GitLab Importer	Fixing	VCID-hmf4-tru4-x7aj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.xmlgraphics/batik-script/CVE-2022-42890.yml	38.6.0