org.apache.xmlgraphics:batik-bridge@1.6.1 vulnerabilities
-
latest version
1.17
-
latest non vulnerable version
-
first published
16 years ago
-
latest version published
8 months ago
-
licenses detected
- [1.6.1,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.apache.xmlgraphics:batik-bridge package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF). When the How to fix Server-side Request Forgery (SSRF)? Upgrade |
[,1.17)
|
Affected versions of this package are vulnerable to Information Exposure due to the possibility of loading How to fix Information Exposure? Upgrade |
[,1.16)
|
Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) by allowing an attacker to load a URL through the jar protocol. The vulnerability exists due to improper handling of URLs through the How to fix Server-side Request Forgery (SSRF)? Upgrade |
[1.0,1.15)
|
Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) by allowing an attacker to access files using a Jar URL. The vulnerability exists due to improper handling of URLs through the `DefaultScriptSecurity' function. How to fix Server-side Request Forgery (SSRF)? Upgrade |
[1.0,1.15)
|
Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) by allowing an attacker to fetch external resources. How to fix Server-side Request Forgery (SSRF)? Upgrade |
[1.0,1.15)
|