Apache Batik information vulnerability

Summary

Apache Batik (also known as Batik SVG Toolkit or Batik Java SVG Toolkit) is a java-based application of the Apache software foundation, primarily for working with images in SVG format.

Apache Batik has information leakage vulnerability, which can be used by an attacker to cause information leakage, so as to obtain sensitive information that may lead to further attacks.


Solution

At present, the manufacturer has issued an update patch to fix the vulnerability, and the patch gets the link:

https://xmlgraphics.apache.org/security.html