Description
A vulnerability in Batik of Apache XML Graphics allows an attacker to run untrusted Java code from an SVG. This issue affects Apache XML Graphics prior to 1.16. It is recommended to update to version 1.16.
Remediation
References
http://www.openwall.com/lists/oss-security/2022/10/25/2
https://lists.apache.org/thread/hplhx0o74jb7blj39fm4kw3otcnjd6xf
https://lists.debian.org/debian-lts-announce/2022/10/msg00038.html
https://security.gentoo.org/glsa/202401-11
https://www.debian.org/security/2022/dsa-5264
Related Vulnerabilities
CVE-2022-30506 Vulnerability in maven package net.mingsoft:ms-mcms
CVE-2020-35213 Vulnerability in maven package io.atomix:atomix
CVE-2020-8022 Vulnerability in maven package org.apache.tomcat:tomcat
CVE-2022-23624 Vulnerability in npm package frourio-express
CVE-2022-45380 Vulnerability in maven package org.jenkins-ci.plugins:junit