VDB
GCVE-110-MAGEIA-2024-68
GCVE-110-MAGEIA-2024-68
Advisory Published
The updated packages fix security vulnerabilities:
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML
Graphics allows an attacker to load a url thru the jar protocol.
(CVE-2022-38398)
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML
Graphics allows an attacker to fetch external resources.
(CVE-2022-38648)
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML
Graphics allows an attacker to access files using a Jar url.
(CVE-2022-40146)
A vulnerability in Batik of Apache XML Graphics allows an attacker to
run untrusted Java code from an SVG. (CVE-2022-41704)
A vulnerability in Batik of Apache XML Graphics allows an attacker to
run Java code from untrusted SVG via JavaScript. (CVE-2022-42890)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | lxc | 0 (affected), 5.0.3-1.mga9 (unaffected) | — |
| Mageia | batik | 0 (affected), 1.14-4.1.mga9 (unaffected), 0 (affected), 1.14-4.1.mga9 (unaffected) | — |
References
Browse GCVE Records
73,866 records in the GCVE database · Updated July 19, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.