VYPR

Maven package

org.apache.xmlgraphics/batik-svgbrowser

pkg:maven/org.apache.xmlgraphics/batik-svgbrowser

Vulnerabilities (1)

  • CVE-2020-11987Feb 24, 2021
    affected < 1.14fixed 1.14

    Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.