Joined: 12 May 2004
|Posted: Sat Mar 14, 2020 5:26 pm Post subject: [ GLSA 202003-11 ] SVG Salamander
|Gentoo Linux Security Advisory
Title: SVG Salamander: Server-Side Request Forgery (GLSA 202003-11)
A SSRF may allow remote attackers to forge illegitimate requests.
SVG Salamander is a light weight SVG renderer and animator for Java.
Vulnerable: <= 0.0-r2
Architectures: All supported architectures
A Server-Side Request Forgery was discovered in SVG Salamander.
An attacker, by sending a specially crafted SVG file, can conduct SSRF.
There is no known workaround at this time.
Gentoo has discontinued support for SVG Salamander. We recommend that
users unmerge SVG Salamander:
|# emerge --unmerge "dev-java/svgsalamander"