Vulnerabilities (CVE)

Filtered by vendor Apache Subscribe

Filtered by product Batik

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2015-0250	3 Apache, Canonical, Redhat	3 Batik, Ubuntu Linux, Jboss Enterprise Brms Platform	2017-11-04	6.4 MEDIUM	N/A
XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.
CVE-2005-0508	1 Apache	1 Batik	2008-09-10	4.6 MEDIUM	N/A
Unknown vulnerability in Squiggle for Batik before 1.5.1 allows attackers to bypass certain access controls via certain features of the Rhino scripting engine due to a "script security issue."