| Title: The Apache™ XML Graphics Project - Community |
| |
| #The Apache™ XML Graphics Project - Security |
| |
| ## Published Vulnerabilities { #PublishedVulnerabilities} |
| |
| The *Apache™ XML Graphics Project* has collected its Security related information for all of its sub-projects to this page. |
| |
| ### Apache™ Batik Project - Apache Batik Security { #BatikSecurity} |
| |
| **Fixed in Batik 1.8, 1.7.1 and 1.6.1** |
| |
| medium: XXE vulnerability CVE-2015-0250 |
| |
| Issue Public: 2012-07-25 |
| |
| Update Released: 2015-03-17 (Batik 1.8) and 2015-05-10 (Batik 1.7.1 and 1.6.1) |
| |
| Affects: 1.7, 1.6 and earlier |
| |
| ### Apache™ FOP Project - Apache FOP Security { #FOPSecurity} |
| |
| At the time of the most recent update, the [Apache FOP Project](http://xmlgraphics.apache.org/fop/) has no published vulnerabilities. |
| |
| ### Apache™ XML Graphics Commons Project - Apache XML Graphics Commons Security { #XMLGraphicsCommonsSecurity} |
| |
| At the time of the most recent update, the [Apache XML Graphics Commons Project](http://xmlgraphics.apache.org/commons/) has no published vulnerabilities. |
| |
| ##Reporting New Security Problems with the Apache XML Graphics Sub Projects { #ReportingSecurityProblems} |
| |
| Please report problems to the private security mailing list of the ASF Security Team, before disclosing them in a public forum. See the page of the [ASF Security Team](http://www.apache.org/security/) for further information and contact information. |
| |
| **IMPORTANT** |
| |
| * **The ASF Security Team cannot accept regular bug reports or other queries. We ask that you use our [bug reporting page](http://xmlgraphics.apache.org/commons/bugs.html) for those.** |
| * **All mail sent to the Security Team that does not relate to security problems in Apache software will be ignored.** |
| |
| **VERY IMPORTANT** |
| |
| * **Do not submit security reports regarding vulnerabilities to our bug reporting system. This may inadvertently publicize the security vulnerability. Instead follow the steps on the [ASF Security Page](http://www.apache.org/security/).** |
| |
| ##Security Standards { #SecurityStandards} |
| |
| Apache XML Graphics Project vulnerabilities are labeled with [CVE](http://cve.mitre.org/) (Common Vulnerabilities and Exposures) identifiers. |