Debian dla-3619 : libbatik-java - security update

high Nessus Plugin ID 183091

Language:

Synopsis

The remote Debian host is missing one or more security-related updates.

Description

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3619 advisory.

- ------------------------------------------------------------------------- Debian LTS Advisory DLA-3619-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucaris October 14, 2023 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package : batik Version : 1.10-2+deb10u3 CVE ID : CVE-2020-11987 CVE-2022-38398 CVE-2022-38648 CVE-2022-40146 CVE-2022-44729 CVE-2022-44730 Debian Bug : 984829 1020589

Batik is a toolkit for applications or applets that want to use images in the Scalable Vector Graphics (SVG) format for various purposes, such as viewing, generation or manipulation.

CVE-2020-11987

A server-side request forgery was found, caused by improper input validation by the NodePickerPanel.
By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.

CVE-2022-38398

A Server-Side Request Forgery (SSRF) vulnerability was found that allows an attacker to load a url thru the jar protocol.

CVE-2022-38648

A Server-Side Request Forgery (SSRF) vulnerability was found that allows an attacker to fetch external resources.

CVE-2022-40146

A Server-Side Request Forgery (SSRF) vulnerability was found that allows an attacker to access files using a Jar url.

CVE-2022-44729

A Server-Side Request Forgery (SSRF) vulnerability was found. A malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even information disclosure.

CVE-2022-44730

A Server-Side Request Forgery (SSRF) vulnerability was found. A malicious SVG can probe user profile / data and send it directly as parameter to a URL.

For Debian 10 buster, these problems have been fixed in version 1.10-2+deb10u3.

We recommend that you upgrade your batik packages.

For the detailed security status of batik please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/batik

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the libbatik-java packages.

Plugin Details

Severity: High

ID: 183091

File Name: debian_DLA-3619.nasl

Version: 1.2

Type: local

Agent: unix

Family: Debian Local Security Checks

Published: 10/14/2023

Updated: 1/22/2025

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.0

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Temporal Score: 4.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2020-11987

CVSS v3

Risk Factor: High

Base Score: 8.2

Temporal Score: 7.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:debian:debian_linux:10.0, p-cpe:/a:debian:debian_linux:libbatik-java

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 10/14/2023

Vulnerability Publication Date: 2/24/2021

Reference Information

CVE: CVE-2020-11987, CVE-2022-38398, CVE-2022-38648, CVE-2022-40146, CVE-2022-44729, CVE-2022-44730

Detections

Analytics