Apache Batik
2 CVEs affecting Apache Batik. Latest disclosed: 2017-04-18. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-5662 | High | 7.3 | 2017-04-18 | In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG fil… |
CVE-2015-0250 | | 2015-03-24 | XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arb… |