Apache Software Foundation Apache Xml Graphics Batik vulnerabilities
2 known vulnerabilities affecting apache_software_foundation/apache_xml_graphics_batik.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2022-44729HIGHCVSS 7.1v1.162023-08-22
CVE-2022-44729 [HIGH] CWE-918 CVE-2022-44729: Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics B
Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16.
On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even information disclosure. Users are recommended to upgrade t
nvd
CVE-2022-44730MEDIUMCVSS 4.4v1.162023-08-22
CVE-2022-44730 [MEDIUM] CWE-918 CVE-2022-44730: Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics B
Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16.
A malicious SVG can probe user profile / data and send it directly as parameter to a URL.
nvd