[BATIK-1331] Jar url should be blocked by DefaultExternalResourceSecurity - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.15
Component/s: None
Labels:
None

Description

DefaultExternalResourceSecurity should block url loaded thru jar protocol

CVE-2022-38398

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

test.svg
16/Aug/22 12:26
0.2 kB
Simon Steiner

Activity

People

Assignee:: Simon Steiner

Reporter:: Simon Steiner

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 16/Aug/22 12:25

Updated:: 22/Sep/22 12:09

Resolved:: 16/Aug/22 14:18