CVE-2019-17566 vulnerability in Apache and Other Products
Published on November 12, 2020

Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.

Vendor Advisory NVD

Products Associated with CVE-2019-17566

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-17566 are published in these products:

Apache Batik

Oracle Api Gateway

Oracle Business Intelligence

Oracle Communications Application Session Controller

Oracle Communications Metasolv Solution

Oracle Communications Offline Mediation Controller

Oracle Enterprise Repository

Oracle Financial Services Analytical Applications Infrastructure

Oracle Fusion Middleware Mapviewer

Oracle Hospitality Opera 5

Oracle Hyperion Financial Reporting

Oracle Instantis Enterprisetrack

Oracle Jd Edwards Enterpriseone Tools

Oracle Retail Integration Bus

Oracle Retail Order Broker

Oracle Retail Order Management System Cloud Service

Oracle Retail Point Of Service

Oracle Retail Returns Management

Canonical Ubuntu Linux

Exploit Probability

EPSS

0.81%

Percentile

73.97%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-17566 vulnerability in Apache and Other ProductsPublished on November 12, 2020

Products Associated with CVE-2019-17566

Exploit Probability

CVE-2019-17566 vulnerability in Apache and Other Products
Published on November 12, 2020