Information on source package batik

Available versions

ReleaseVersion
buster1.10-2+deb10u1
buster (security)1.10-2+deb10u3
bullseye1.12-4+deb11u2
bullseye (security)1.12-4+deb11u1
bookworm1.16+dfsg-1+deb12u1
trixie1.17+dfsg-1
sid1.17+dfsg-1

Open issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2022-40146fixedvulnerable (no DSA)fixedfixedfixedServer-Side Request Forgery (SSRF) vulnerability in Batik of Apache XM ...
CVE-2022-38648fixedvulnerable (no DSA)fixedfixedfixedServer-Side Request Forgery (SSRF) vulnerability in Batik of Apache XM ...
CVE-2022-38398fixedvulnerable (no DSA)fixedfixedfixedServer-Side Request Forgery (SSRF) vulnerability in Batik of Apache XM ...
CVE-2020-11987fixedvulnerable (no DSA)fixedfixedfixedApache Batik 1.13 is vulnerable to server-side request forgery, caused ...

Resolved issues

BugDescription
CVE-2022-44730Server-Side Request Forgery (SSRF) vulnerability in Apache Software Fo ...
CVE-2022-44729Server-Side Request Forgery (SSRF) vulnerability in Apache Software Fo ...
CVE-2022-42890A vulnerability in Batik of Apache XML Graphics allows an attacker to ...
CVE-2022-41704A vulnerability in Batik of Apache XML Graphics allows an attacker to ...
CVE-2019-17566Apache Batik is vulnerable to server-side request forgery, caused by i ...
CVE-2018-8013In Apache Batik 1.x before 1.10, when deserializing subclass of `Abstr ...
CVE-2017-5662In Apache Batik before 1.9, files lying on the filesystem of the serve ...
CVE-2015-0250XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) ...
CVE-2005-0508Unknown vulnerability in Squiggle for Batik before 1.5.1 allows attack ...

Security announcements

DSA / DLADescription
DLA-3619-1batik - security update
DSA-5264-1batik - security update
DLA-3169-1batik - security update
DSA-4215-1batik - security update
DLA-1385-1batik - security update
DLA-926-1batik - security update
DSA-3205-1batik - security update
DLA-182-1batik - security update

Search for package or bug name: Reporting problems