[CVE-2022-44730] Apache Batik information disclosure vulnerability

Tue, 22 Aug 2023 01:05:37 -0700 

CVE-2022-44730:
        Apache Batik information disclosure vulnerability

Severity:
        Medium

Vendor:
        The Apache Software Foundation

Versions Affected:
        Batik 1.0 - 1.16

Description:
        Switch to empty whitelist for rhino

Mitigation:
        Users should upgrade to Batik 1.17

Credit:
        This issue was independently reported by Julien Lacour

References:
        http://xmlgraphics.apache.org/security.html
        https://issues.apache.org/jira/browse/BATIK-1347

The Apache XML Graphics team.






---------------------------------------------------------------------
To unsubscribe, e-mail: batik-dev-unsubscr...@xmlgraphics.apache.org
For additional commands, e-mail: batik-dev-h...@xmlgraphics.apache.org

Reply via email to