CVE-2015-0250
Description
XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
EPSS Score
Exploitation Probability
1.083
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2015-0250 are fixed in Apache-batik 1.8 | Windows |
| xml.apache.org SVG Library (USN-2548-1) libbatik-java_1.7.ubuntu-8ubuntu1.1_all.deb | Linux |
| xml.apache.org SVG Library (USN-2548-1) libbatik-java_1.7.ubuntu-8ubuntu2.14.04.1_all.deb | Linux |
| xml.apache.org SVG Library (USN-2548-1) libbatik-java_1.7.ubuntu-8ubuntu2.14.04.1_all.deb | Linux |
| Vulnerabilities CVE-2015-0250 are fixed in Apache-batik for Linux 1.8 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234