Vulnerabilities (CVE)

Filtered by vendor Apache Subscribe
Filtered by product Xmlgraphics Commons
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-11988 2 Apache, Fedoraproject 2 Xmlgraphics Commons, Fedora 2024-11-21 6.4 MEDIUM 8.2 HIGH
Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users should upgrade to 2.6 or later.