CVSS Score: -

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.apache.xmlgraphics:batik | maven | >= 1.0, < 1.15 | 1.15 |

The JIRA ticket BATIK-1331 explicitly identifies DefaultExternalResourceSecurity as the component that needed a fix to block jar: protocol URLs. The URL-validation routine in this class (checkLoadURI(), or its equivalent) is where external resource URLs are checked before they are loaded. Prior to version 1.15 that validation accepted the jar: protocol, which is the root cause of the SSRF vulnerability. The direct reference to DefaultExternalResourceSecurity in the fix, together with the jar: protocol mechanism of the SSRF, gives high confidence in this assessment.
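The check the assessment describes, as an added illustration rather than Batik's own code: a jar: URL has the form jar:&lt;inner-url&gt;!/&lt;entry&gt;, and resolving it makes the JVM fetch the inner URL, so any scheme filter that lets jar: through turns external-resource loading into a server-side request. The class name, the allowlist of schemes and the handling of relative references below are assumptions for this example.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Locale;
import java.util.Set;

/**
 * Hypothetical hardened scheme check for external resource URLs, written to
 * show the class of validation BATIK-1331 tightened. Not Batik's own code.
 */
public final class ExternalResourceUrlCheck {
    // Assumed allowlist: schemes an SVG renderer legitimately needs for
    // external resources. jar: is deliberately absent.
    private static final Set<String> ALLOWED_SCHEMES = Set.of("http", "https", "data");

    private ExternalResourceUrlCheck() {}

    /** Returns true only when the URL may be fetched as an external resource. */
    public static boolean isAllowed(String url) {
        if (url == null) {
            return false;
        }
        URI uri;
        try {
            // strip() removes leading whitespace that would otherwise hide the scheme
            uri = new URI(url.strip());
        } catch (URISyntaxException e) {
            return false; // unparseable input fails closed
        }
        String scheme = uri.getScheme();
        if (scheme == null) {
            // Relative reference: assumed to be resolved against the document
            // base URL, which has already passed this check.
            return true;
        }
        scheme = scheme.toLowerCase(Locale.ROOT); // "JAR:" must not bypass the check
        if (scheme.equals("jar")) {
            // jar:http://host/x.jar!/entry makes the JVM fetch http://host/x.jar
            return false;
        }
        return ALLOWED_SCHEMES.contains(scheme);
    }

    public static void main(String[] args) {
        // Constructed sample inputs for the demonstration.
        String[] samples = {
            "https://example.invalid/image.png",
            "jar:http://example.invalid/x.jar!/image.png",
            "JAR:http://example.invalid/x.jar!/image.png",
            "../shapes/circle.svg"
        };
        for (String s : samples) {
            System.out.println(isAllowed(s) + "  " + s);
        }
    }
}
```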