Apache™ Batik Project Security: - CVE-2022-44729 / SSRF vulnerability / Fixed in Batik 1.17 - CVE-2022-44730 / SSRF vulnerability / Fixed in Batik 1.17 - CVE-2022-42890 / SSRF vulnerability / Fixed in Batik 1.16 - CVE-2022-41704 / SSRF vulnerability / Fixed in Batik 1.16 - CVE-2022-38398 / SSRF vulnerability / Fixed in Batik 1.15 - CVE-2022-38648 / SSRF vulnerability / Fixed in Batik 1.15 - CVE-2022-40146 / SSRF vulnerability / Fixed in Batik 1.15 - CVE-2020-11987 / SSRF vulnerability / Fixed in Batik 1.14 - CVE-2019-17566 / Deserialization vulnerability / Fixed in Batik 1.13 - CVE-2018-8013 / Deserialization vulnerability / Fixed in Batik 1.10 - CVE-2017-5662 / XXE vulnerability / Fixed in Batik 1.9 - CVE-2015-0250 / XXE vulnerability / Fixed in Batik 1.8, 1.7.1, and 1.6.1 Apache™ FOP Project - Apache FOP Security: - CVE-2024-28168 / XXE vulnerability / Fixed in FOP 2.10 - CVE-2017-5661 / XXE vulnerability / Fixed in FOP 2.2 Apache™ XML Graphics Commons Project - Apache XML Graphics Commons Security: - CVE-2020-11988 / XXE vulnerability / Fixed in Commons 2.6 Reporting New Security Problems: - Report security issues to the private security mailing list of the ASF Security Team. - Do not submit security reports regarding vulnerabilities to the bug reporting system. Security Standards: - Vulnerabilities are labeled with CVE identifiers.