Search for packages
| purl | pkg:maven/org.apache.xmlgraphics/batik@1.11 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-37s5-46dd-5fgm
Aliases: CVE-2022-38648 GHSA-53jm-3hc9-fqqc |
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. This issue affects Apache XML Graphics Batik 1.14. |
Affected by 1 other vulnerability. |
|
VCID-hmf4-tru4-x7aj
Aliases: CVE-2022-42890 GHSA-rwqr-m72q-v6cm |
A vulnerability in Batik of Apache XML Graphics allows an attacker to run Java code from untrusted SVG via JavaScript. This issue affects Apache XML Graphics prior to 1.16. Users are recommended to upgrade to version 1.16. |
Affected by 0 other vulnerabilities. |
|
VCID-kmrp-p4uh-27dm
Aliases: CVE-2022-40146 GHSA-h4qg-p7r2-cpg3 |
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14. |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-06T03:07:57.141872+00:00 | GitLab Importer | Affected by | VCID-hmf4-tru4-x7aj | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.xmlgraphics/batik/CVE-2022-42890.yml | 38.6.0 |
| 2026-06-06T02:59:30.610565+00:00 | GitLab Importer | Affected by | VCID-kmrp-p4uh-27dm | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.xmlgraphics/batik/CVE-2022-40146.yml | 38.6.0 |
| 2026-06-06T02:58:44.004433+00:00 | GitLab Importer | Affected by | VCID-37s5-46dd-5fgm | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.xmlgraphics/batik/CVE-2022-38648.yml | 38.6.0 |