Updated batik packages fix a security vulnerability
Publication date: 17 Mar 2021Type: security
Affected Mageia releases : 8
CVE: CVE-2020-11987
Description
The Apache Batik library is vulnerable to SSRF via the NodePickerPanel that allow an attacker to cause the underlying server to make arbitrary GET requests (CVE-2020-11987).
References
SRPMS
8/core
- batik-1.14-1.1.mga8