CVE-2022-44729 Apache XML Graphics Batik: Information disclosure vulnerability

2023-08-2214:12:50

CWE-918

apache

raw.githubusercontent.com

apache xml graphics

ssrf

information disclosure

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.3%

JSON

Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16.

On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even information disclosure. Users are recommended to upgrade to version 1.17 or later.