{"affected":[{"ecosystem_specific":{"binaries":[{"xmlgraphics-batik":"1.17-150200.4.7.1","xmlgraphics-batik-css":"1.17-150200.4.7.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Development Tools 15 SP5","name":"xmlgraphics-batik","purl":"pkg:rpm/suse/xmlgraphics-batik&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.17-150200.4.7.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"xmlgraphics-batik":"1.17-150200.4.7.1","xmlgraphics-batik-css":"1.17-150200.4.7.1","xmlgraphics-batik-demo":"1.17-150200.4.7.1","xmlgraphics-batik-javadoc":"1.17-150200.4.7.1","xmlgraphics-batik-rasterizer":"1.17-150200.4.7.1","xmlgraphics-batik-slideshow":"1.17-150200.4.7.1","xmlgraphics-batik-squiggle":"1.17-150200.4.7.1","xmlgraphics-batik-svgpp":"1.17-150200.4.7.1","xmlgraphics-batik-ttf2svg":"1.17-150200.4.7.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.5","name":"xmlgraphics-batik","purl":"pkg:rpm/opensuse/xmlgraphics-batik&distro=openSUSE%20Leap%2015.5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.17-150200.4.7.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for xmlgraphics-batik fixes the following issues:\n\n- CVE-2022-41704: Fixed information disclosure vulnerability in Apache Batik (bsc#1204704).\n- CVE-2022-42890: Fixed information disclosure vulnerability in Apache Batik (bsc#1204709).\n- CVE-2022-44730: Fixed Server-Side Request Forgery.\n- CVE-2022-44729: Fixed Server-Side Request Forgery.\n\nUpgrade to version 1.17.\n","id":"SUSE-SU-2024:0808-1","modified":"2024-03-07T19:46:57Z","published":"2024-03-07T19:46:57Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2024/suse-su-20240808-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1204704"},{"type":"REPORT","url":"https://bugzilla.suse.com/1204709"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-41704"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-42890"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-44729"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-44730"}],"related":["CVE-2022-41704","CVE-2022-42890","CVE-2022-44729","CVE-2022-44730"],"summary":"Security update for xmlgraphics-batik","upstream":["CVE-2022-41704","CVE-2022-42890","CVE-2022-44729","CVE-2022-44730"]}