CVE-2015-0250
Publication date 18 March 2015
Last updated 24 July 2024
Ubuntu priority
XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.
Status
Package | Ubuntu Release | Status |
---|---|---|
batik | ||
14.04 LTS trusty |
Fixed 1.7.ubuntu-8ubuntu2.14.04.1
|
|
Patch details
Package | Patch details |
---|---|
batik |
References
Related Ubuntu Security Notices (USN)
- USN-2548-1
- Batik vulnerability
- 25 March 2015