{"affected":[{"ecosystem_specific":{"binaries":[{"xmlgraphics-batik":"1.17-2.7.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP5","name":"xmlgraphics-batik","purl":"pkg:rpm/suse/xmlgraphics-batik&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.17-2.7.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for xmlgraphics-batik fixes the following issues:\n\n- CVE-2017-5662: Fixed Apache Batik information disclosure vulnerability (bsc#1034675).\n- CVE-2019-17566: Fixed SSRF vulnerability (bsc#1172961).\n- CVE-2020-11987: Fixed Apache XML Graphics Batik SSRF vulnerability (bsc#1182748).\n- CVE-2022-38398: Fixed information disclosure vulnerability (bsc#1203674).\n- CVE-2022-38648: Fixed information disclosure vulnerability (bsc#1203673).\n- CVE-2022-40146: Fixed information disclosure vulnerability (bsc#1203672).\n- CVE-2022-41704: Fixed information disclosure vulnerability in Apache Batik (bsc#1204704).\n- CVE-2022-42890: Fixed information disclosure vulnerability in Apache Batik (bsc#1204709).\n- CVE-2022-44729: Fixed Server-Side Request Forgery.\n- CVE-2022-44730: Fixed Server-Side Request Forgery.\n\nUpgrade to version 1.17.\n","id":"SUSE-SU-2024:0777-1","modified":"2024-03-06T11:54:24Z","published":"2024-03-06T11:54:24Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2024/suse-su-20240777-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1034675"},{"type":"REPORT","url":"https://bugzilla.suse.com/1172961"},{"type":"REPORT","url":"https://bugzilla.suse.com/1182748"},{"type":"REPORT","url":"https://bugzilla.suse.com/1203672"},{"type":"REPORT","url":"https://bugzilla.suse.com/1203673"},{"type":"REPORT","url":"https://bugzilla.suse.com/1203674"},{"type":"REPORT","url":"https://bugzilla.suse.com/1204704"},{"type":"REPORT","url":"https://bugzilla.suse.com/1204709"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5662"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-17566"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-11987"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-38398"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-38648"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-40146"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-41704"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-42890"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-44729"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-44730"}],"related":["CVE-2017-5662","CVE-2019-17566","CVE-2020-11987","CVE-2022-38398","CVE-2022-38648","CVE-2022-40146","CVE-2022-41704","CVE-2022-42890","CVE-2022-44729","CVE-2022-44730"],"summary":"Security update for xmlgraphics-batik","upstream":["CVE-2017-5662","CVE-2019-17566","CVE-2020-11987","CVE-2022-38398","CVE-2022-38648","CVE-2022-40146","CVE-2022-41704","CVE-2022-42890","CVE-2022-44729","CVE-2022-44730"]}