The Apache™ XML Graphics Project - Security¶
The Apache™ XML Graphics Project has collected its Security related information for all of its sub-projects to this page.
Apache™ Batik Project - Apache Batik Security¶
Fixed in Batik 1.8, 1.7.1 and 1.6.1
medium: XXE vulnerability CVE-2015-0250
Issue Public: 2012-07-25
Update Released: 2015-03-17 (Batik 1.8) and 2015-05-10 (Batik 1.7.1 and 1.6.1)
Affects: 1.7, 1.6 and earlier
Apache™ FOP Project - Apache FOP Security¶
At the time of the most recent update, the Apache FOP Project has no published vulnerabilities.
Apache™ XML Graphics Commons Project - Apache XML Graphics Commons Security¶
At the time of the most recent update, the Apache XML Graphics Commons Project has no published vulnerabilities.
Reporting New Security Problems with the Apache XML Graphics Sub Projects¶
Please report problems to the private security mailing list of the ASF Security Team, before disclosing them in a public forum. See the page of the ASF Security Team for further information and contact information.
- The ASF Security Team cannot accept regular bug reports or other queries. We ask that you use our bug reporting page for those.
- All mail sent to the Security Team that does not relate to security problems in Apache software will be ignored.
- Do not submit security reports regarding vulnerabilities to our bug reporting system. This may inadvertently publicize the security vulnerability. Instead follow the steps on the ASF Security Page.
Apache XML Graphics Project vulnerabilities are labeled with CVE (Common Vulnerabilities and Exposures) identifiers.