CVE-2022-40146

Related Files

Gentoo Linux Security Advisory 202401-11

Posted Jan 8, 2024

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202401-11 - Multiple vulnerabilities have been found in Apache Batik, the worst of which could result in arbitrary code execution. Versions greater than or equal to 1.17 are affected.

tags | advisory, arbitrary, vulnerability, code execution

systems | linux, gentoo

advisories | CVE-2018-8013, CVE-2019-17566, CVE-2020-11987, CVE-2022-38398, CVE-2022-38648, CVE-2022-40146, CVE-2022-41704, CVE-2022-42890, CVE-2022-44729, CVE-2022-44730

SHA-256 | 38dc322bd0fed516dfe0f2d0a1d6bae717c540ee1db996da4b99b50da6a45469

Download | Favorite | View

Red Hat Security Advisory 2023-3954-01

Posted Jun 30, 2023

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3954-01 - This release of Red Hat Fuse 7.12 serves as a replacement for Red Hat Fuse 7.11 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. Issues addressed include bypass, code execution, denial of service, information leakage, resource exhaustion, server-side request forgery, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution

systems | linux, redhat

advisories | CVE-2012-5783, CVE-2020-13956, CVE-2022-24785, CVE-2022-31692, CVE-2022-36437, CVE-2022-38398, CVE-2022-38648, CVE-2022-40146, CVE-2022-41704, CVE-2022-41854, CVE-2022-41881, CVE-2022-41940, CVE-2022-41946, CVE-2022-41966

SHA-256 | b9ad17c0639a99e73879d0ac2298fc210c934f52c497fb63d77d3a07270b9229

Download | Favorite | View

Ubuntu Security Notice USN-6117-1

Posted May 31, 2023

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6117-1 - It was discovered that Apache Batik incorrectly handled certain inputs. An attacker could possibly use this to perform a cross site request forgery attack. It was discovered that Apache Batik incorrectly handled Jar URLs in some situations. A remote attacker could use this issue to access files on the server. It was discovered that Apache Batik allowed running untrusted Java code from an SVG. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.

tags | advisory, java, remote, denial of service, arbitrary, csrf

systems | linux, ubuntu

advisories | CVE-2019-17566, CVE-2022-40146

SHA-256 | 85f995d8dc3d6d133b2736ab20338129d78bc3c4ade7134e041730d468f2bdaf

Download | Favorite | View

Red Hat Security Advisory 2023-2100-01

Posted May 4, 2023

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2100-01 - This release of Camel for Spring Boot 3.20.1 serves as a replacement for Camel for Spring Boot 3.18.3 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. The purpose of this text-only errata is to inform you about the security issues fixed. Issues addressed include bypass, code execution, cross site scripting, denial of service, man-in-the-middle, memory exhaustion, resource exhaustion, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss

systems | linux, redhat

advisories | CVE-2021-37533, CVE-2022-25857, CVE-2022-31777, CVE-2022-33681, CVE-2022-37865, CVE-2022-37866, CVE-2022-38398, CVE-2022-38648, CVE-2022-38749, CVE-2022-38750, CVE-2022-38751, CVE-2022-38752, CVE-2022-39368, CVE-2022-40146

SHA-256 | 1bb832bf7ada06ee62e5e890aaaa9e8555545e8a79873bfe81eac208c4eb6165

Download | Favorite | View