Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.apache.xmlgraphics/batik@1.15
purl pkg:maven/org.apache.xmlgraphics/batik@1.15
Next non-vulnerable version 1.16
Latest non-vulnerable version 1.16
Risk 4.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-hmf4-tru4-x7aj
Aliases:
CVE-2022-42890
GHSA-rwqr-m72q-v6cm
A vulnerability in Batik of Apache XML Graphics allows an attacker to run Java code from untrusted SVG via JavaScript. This issue affects Apache XML Graphics prior to 1.16. Users are recommended to upgrade to version 1.16.
1.16
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (3)
Vulnerability Summary Aliases
VCID-37s5-46dd-5fgm Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. This issue affects Apache XML Graphics Batik 1.14. CVE-2022-38648
GHSA-53jm-3hc9-fqqc
VCID-kmrp-p4uh-27dm Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14. CVE-2022-40146
GHSA-h4qg-p7r2-cpg3
VCID-vuwh-jn2m-n3ht Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14. CVE-2022-38398
GHSA-c5xv-qc8p-mh2v

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-06T03:07:57.161558+00:00 GitLab Importer Affected by VCID-hmf4-tru4-x7aj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.xmlgraphics/batik/CVE-2022-42890.yml 38.6.0
2026-06-05T21:35:52.588087+00:00 GHSA Importer Fixing VCID-kmrp-p4uh-27dm https://github.com/advisories/GHSA-h4qg-p7r2-cpg3 38.6.0
2026-06-05T21:35:52.319480+00:00 GHSA Importer Fixing VCID-37s5-46dd-5fgm https://github.com/advisories/GHSA-53jm-3hc9-fqqc 38.6.0
2026-06-05T21:35:52.058801+00:00 GHSA Importer Fixing VCID-vuwh-jn2m-n3ht https://github.com/advisories/GHSA-c5xv-qc8p-mh2v 38.6.0
2026-06-05T17:12:17.906286+00:00 GitLab Importer Fixing VCID-kmrp-p4uh-27dm https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.xmlgraphics/batik/CVE-2022-40146.yml 38.6.0
2026-06-05T17:12:16.505973+00:00 GitLab Importer Fixing VCID-vuwh-jn2m-n3ht https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.xmlgraphics/batik/CVE-2022-38398.yml 38.6.0
2026-06-05T17:12:15.499657+00:00 GitLab Importer Fixing VCID-37s5-46dd-5fgm https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.xmlgraphics/batik/CVE-2022-38648.yml 38.6.0
2026-06-04T17:46:16.638013+00:00 GithubOSV Importer Fixing VCID-vuwh-jn2m-n3ht https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/09/GHSA-c5xv-qc8p-mh2v/GHSA-c5xv-qc8p-mh2v.json 38.6.0
2026-06-04T17:46:08.014423+00:00 GithubOSV Importer Fixing VCID-37s5-46dd-5fgm https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/09/GHSA-53jm-3hc9-fqqc/GHSA-53jm-3hc9-fqqc.json 38.6.0
2026-06-04T17:45:19.977668+00:00 GithubOSV Importer Fixing VCID-kmrp-p4uh-27dm https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/09/GHSA-h4qg-p7r2-cpg3/GHSA-h4qg-p7r2-cpg3.json 38.6.0