https://bugzilla.redhat.com/show_bug.cgi?id=1581725
Bug ID: 1581725
Summary: CVE-2018-8013 batik: information disclosure when deserializing
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team@redhat.com
Reporter: lpardo@redhat.com
CC: akurtako@redhat.com, bmcclain@redhat.com, c.david86@gmail.com, dblechte@redhat.com, eedri@redhat.com, hghasemb@redhat.com, hhorak@redhat.com, java-maint@redhat.com, java-sig-commits@lists.fedoraproject.org, jorton@redhat.com, jvanek@redhat.com, mgoldboi@redhat.com, michal.skrivanek@redhat.com, mizdebsk@redhat.com, msimacek@redhat.com, sbonazzo@redhat.com, sherold@redhat.com, ykaul@redhat.com, ylavi@redhat.com
A flaw was found in Apache Batik versions 1.0 through 1.9.1. There is an information disclosure when deserializing a subclass of `AbstractDocument`: the class takes a string from the inputStream as the class name, which it then uses to call the no-arg constructor of the class.
References: https://xmlgraphics.apache.org/security.html
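The pattern in the description above, shown next to a checked variant, as an added Java example that is not Batik's code or its patch. All class and method names (`Impl`, `SafeImpl`, `Unexpected`, `restoreUnchecked`, `restoreChecked`) are hypothetical, and the input stream is constructed inline.

```java
import java.io.*;
import java.util.Set;

public class ClassNameFromStreamDemo {
    interface Impl {}                                  // hypothetical expected type
    public static class SafeImpl implements Impl {}    // the only class we intend to restore
    static int sideEffects = 0;
    // Constructed stand-in for any class the writer of the stream picks instead.
    public static class Unexpected { public Unexpected() { sideEffects++; } }

    static final Set<String> ALLOWED = Set.of(SafeImpl.class.getName());

    // Pattern from the description: the name read from the stream is instantiated as-is.
    static Object restoreUnchecked(ObjectInputStream in) throws Exception {
        String name = (String) in.readObject();
        return Class.forName(name).getDeclaredConstructor().newInstance();
    }

    // Hardened form: allowlist the name, load without initializing, check the type, then construct.
    static Impl restoreChecked(ObjectInputStream in) throws Exception {
        String name = (String) in.readObject();
        if (!ALLOWED.contains(name))
            throw new InvalidClassException(name, "class name not on allowlist");
        Class<?> c = Class.forName(name, false, ClassNameFromStreamDemo.class.getClassLoader());
        if (!Impl.class.isAssignableFrom(c))
            throw new InvalidClassException(name, "not an Impl");
        return (Impl) c.getDeclaredConstructor().newInstance();
    }

    // Constructed sample input: a serialized stream holding only a class-name string.
    static ObjectInputStream streamWith(String name) throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) { out.writeObject(name); }
        return new ObjectInputStream(new ByteArrayInputStream(buf.toByteArray()));
    }

    public static void main(String[] args) throws Exception {
        String foreign = Unexpected.class.getName();
        restoreUnchecked(streamWith(foreign));
        System.out.println("unchecked: foreign constructor ran " + sideEffects + " time(s)");
        try {
            restoreChecked(streamWith(foreign));
        } catch (InvalidClassException e) {
            System.out.println("checked: rejected (" + e.getMessage() + ")");
        }
        Impl ok = restoreChecked(streamWith(SafeImpl.class.getName()));
        System.out.println("checked: restored " + ok.getClass().getSimpleName());
    }
}
```

The checked variant refuses the name before any class is initialized or constructed, so the static initializer and constructor of an unlisted class never run.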
Laura Pardo lpardo@redhat.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Depends On | |1581726, 1581727
--- Comment #1 from Laura Pardo lpardo@redhat.com ---
Created batik tracking bugs for this issue:
Affects: fedora-all [bug 1581726]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1581726
[Bug 1581726] CVE-2018-8013 batik: information disclosure when deserializing [fedora-all]
Laura Pardo lpardo@redhat.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks | |1581731
Hooman Broujerdi hghasemb@redhat.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard
  Removed: impact=moderate,public=20180523,reported=20180523,source=oss-security,cvss3=5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-200,fedora-all/batik=affected,rhel-6/batik=new,rhel-7/batik=new,rhev-m-4/batik=new,rhscl-3/batik=new,rhel-8/batik=affected,fuse-6/switchyard=new,rhscl-3/rh-java-common-batik=new
  Added: impact=moderate,public=20180523,reported=20180523,source=oss-security,cvss3=5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-200,fedora-all/batik=affected,rhel-6/batik=new,rhel-7/batik=new,rhev-m-4/batik=new,rhscl-3/batik=new,rhel-8/batik=affected,fuse-6/switchyard=wontfix,rhscl-3/rh-java-common-batik=new
Doran Moppert dmoppert@redhat.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC
  Removed: bmcclain@redhat.com, dblechte@redhat.com, eedri@redhat.com, mgoldboi@redhat.com, michal.skrivanek@redhat.com, sbonazzo@redhat.com, sherold@redhat.com, ykaul@redhat.com, ylavi@redhat.com
  Added:
Whiteboard
  Removed: impact=moderate,public=20180523,reported=20180523,source=oss-security,cvss3=5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,cwe=CWE-200,fedora-all/batik=affected,rhel-6/batik=new,rhel-7/batik=new,rhev-m-4/batik=new,rhscl-3/batik=new,rhel-8/batik=affected,fuse-6/switchyard=wontfix,rhscl-3/rh-java-common-batik=new
  Added: impact=moderate,public=20180523,reported=20180523,source=oss-security,cvss3=7.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L,cwe=CWE-502,fedora-all/batik=affected,rhel-6/batik=new,rhel-7/batik=new,rhel-8/batik=affected,fuse-6/switchyard=wontfix,rhscl-3/rh-java-common-batik=affected
Doran Moppert dmoppert@redhat.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Depends On | |1583048
Doran Moppert dmoppert@redhat.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard
  Removed: impact=moderate,public=20180523,reported=20180523,source=oss-security,cvss3=7.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L,cwe=CWE-502,fedora-all/batik=affected,rhel-6/batik=new,rhel-7/batik=new,rhel-8/batik=affected,fuse-6/switchyard=wontfix,rhscl-3/rh-java-common-batik=affected
  Added: impact=moderate,public=20180523,reported=20180523,source=oss-security,cvss3=7.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L,cwe=CWE-502,fedora-all/batik=affected,rhel-6/batik=wontfix,rhel-7/batik=affected,rhel-8/batik=affected,fuse-6/switchyard=wontfix,rhscl-3/rh-java-common-batik=affected
Doran Moppert dmoppert@redhat.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard
  Removed: impact=moderate,public=20180523,reported=20180523,source=oss-security,cvss3=7.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L,cwe=CWE-502,fedora-all/batik=affected,rhel-6/batik=wontfix,rhel-7/batik=affected,rhel-8/batik=affected,fuse-6/switchyard=wontfix,rhscl-3/rh-java-common-batik=affected
  Added: impact=moderate,public=20180523,reported=20180523,source=oss-security,cvss3=7.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L,cwe=CWE-502,fedora-all/batik=affected,rhel-6/batik=wontfix,rhel-7/batik=wontfix,rhel-8/batik=affected,fuse-6/switchyard=wontfix,rhscl-3/rh-java-common-batik=affected
Chess Hazlett chazlett@redhat.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Status |NEW |CLOSED
Resolution |--- |ERRATA
Last Closed | |2018-05-30 17:27:13
--- Comment #5 from Chess Hazlett chazlett@redhat.com ---
External References:
https://xmlgraphics.apache.org/security.html
http://seclists.org/oss-sec/2018/q2/135
Bug 1581725 depends on bug 1581726, which changed state.
Bug 1581726 Summary: CVE-2018-8013 batik: information disclosure when deserializing [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1581726
What |Removed |Added
----------------------------------------------------------------------------
Status |ON_QA |CLOSED
Resolution |--- |ERRATA