CVE-2019-17566: Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes. By using a specially-crafted…

high7.5CVSS 3.1

AVNACLPRNUINSUCNIHAN

Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.

Affected

35 ranges· showing 25

Vendor	Product	Version range	Fixed in
apache	batik	< 1.13	1.13
apache	batik	>= 0 < 1.12-1.1	1.12-1.1
apache	batik	>= 0 < 1.12-1.1	1.12-1.1
apache	batik	>= 0 < 1.12-1.1	1.12-1.1
apache	batik	>= 0 < 1.12-1.1	1.12-1.1
apache	batik	>= 0 < 1.10-2~18.04.1	1.10-2~18.04.1
apache	batik	>= 0 < 1.12-1ubuntu0.1	1.12-1ubuntu0.1
apache	batik	>= 0 < 1.14-1ubuntu0.2	1.14-1ubuntu0.2
apache	batik	>= 0 < 1.7.ubuntu-8ubuntu2.14.04.3+esm1	1.7.ubuntu-8ubuntu2.14.04.3+esm1
apache	batik	>= 0 < 1.8-3ubuntu1+esm1	1.8-3ubuntu1+esm1
debian	batik	< batik 1.12-1.1 (bookworm)	batik 1.12-1.1 (bookworm)
oracle	api_gateway	—	—
oracle	business_intelligence	—	—
oracle	business_intelligence	—	—
oracle	business_intelligence	—	—
oracle	business_intelligence	—	—
oracle	communications_application_session_controller	—	—
oracle	communications_metasolv_solution	6.3.0 – 6.3.1	—
oracle	communications_offline_mediation_controller	—	—
oracle	enterprise_repository	—	—
oracle	financial_services_analytical_applications_infrastructure	8.0.6 – 8.1.0	—
oracle	fusion_middleware_mapviewer	—	—
oracle	hospitality_opera_5	—	—
oracle	hospitality_opera_5	—	—
oracle	hyperion_financial_reporting	—	—

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

osv7.5HIGH