cve/2022/CVE-2022-42890.md

### [CVE-2022-42890](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42890)
![](https://img.shields.io/static/v1?label=Product&message=Apache%20XML%20Graphics&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=Batik%3C%3D%201.15%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20code%20execution%20via%20batik%20scripting&color=brighgreen)

### Description

A vulnerability in Batik of Apache XML Graphics allows an attacker to run Java code from untrusted SVG via JavaScript. This issue affects Apache XML Graphics prior to 1.16. Users are recommended to upgrade to version 1.16.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/4ra1n/4ra1n
- https://github.com/ARPSyndicate/cvemon
- https://github.com/yycunhua/4ra1n
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2022-42890](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42890)`
			`![](https://img.shields.io/static/v1?label=Product&message=Apache%20XML%20Graphics&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=Batik%3C%3D%201.15%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20code%20execution%20via%20batik%20scripting&color=brighgreen)`

			`### Description`

			`A vulnerability in Batik of Apache XML Graphics allows an attacker to run Java code from untrusted SVG via JavaScript. This issue affects Apache XML Graphics prior to 1.16. Users are recommended to upgrade to version 1.16.`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/4ra1n/4ra1n`
			`- https://github.com/ARPSyndicate/cvemon`
			`- https://github.com/yycunhua/4ra1n`