CVE-2022-42890: Untrusted code execution in Apache XML Graphics Batik
(updated )
This advisory has been moved to batik-script.
References
- www.openwall.com/lists/oss-security/2022/10/25/3
- github.com/advisories/GHSA-rwqr-m72q-v6cm
- github.com/apache/xmlgraphics-batik/commit/401aa8595f52d085d40ff5b6b4ac0dd372423082
- github.com/apache/xmlgraphics-batik/commit/52f7a1ad6e3110ec295a35ffc94410eef085707a
- github.com/apache/xmlgraphics-batik/commit/eada57c716a2757579d53017f8b2aeadaad20edd
- issues.apache.org/jira/browse/BATIK-1345
- lists.apache.org/thread/pkvhy0nsj1h1mlon008wtzhosbtxjwly
- nvd.nist.gov/vuln/detail/CVE-2022-42890
- xmlgraphics.apache.org/security.html
Detect and mitigate CVE-2022-42890 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →