Lucene search
K

126 matches found

GithubExploit
GithubExploit
added 2023/08/26 6:45 a.m.1849 views

Exploit for CVE-2023-21939

JDK CVE-2023-21939 文章链接https://mp.weixin.qq.com/s?biz=M...

5.3CVSS6.8AI score0.02474EPSS
Exploits1
Veracode
Veracode
added 2023/08/24 5:40 a.m.31 views

Server-Side Request Forgery (SSRF)

Apache XML Graphics Batik is vulnerable to Server-Side Request Forgery SSRF. An attacker is able to trick the application into loading a malicious SVG file, which could then be used to cause excess resource consumption or make unauthorized requests to other systems...

7.1CVSS6.9AI score0.00786EPSS
Exploits0References10Affected Software3
OSV
OSV
added 2023/08/22 7:16 p.m.11 views

CVE-2022-44729

Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even...

7.1CVSS7.1AI score
Exploits0References6
NVD
NVD
added 2023/08/22 7:16 p.m.26 views

CVE-2022-44729

Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even...

7.1CVSS7AI score0.00786EPSS
Exploits0References6
OSV
OSV
added 2023/08/22 7:16 p.m.11 views

CVE-2022-44730

Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A malicious SVG can probe user profile / data and send it directly as parameter to a URL...

4.4CVSS5.8AI score
Exploits0References6
UbuntuCve
UbuntuCve
added 2023/08/22 7:16 p.m.53 views

CVE-2022-44729

Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even...

7.1CVSS6.8AI score0.00786EPSS
Exploits0References7
Prion
Prion
added 2023/08/22 7:16 p.m.26 views

Server side request forgery (ssrf)

Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A malicious SVG can probe user profile / data and send it directly as parameter to a URL...

3.3CVSS5AI score0.00749EPSS
Exploits0References6Affected Software2
Cvelist
Cvelist
added 2023/08/22 2:12 p.m.24 views

CVE-2022-44729 Apache XML Graphics Batik: Information disclosure vulnerability

Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even...

7.2AI score0.00786EPSS
Exploits0References6
CVE
CVE
added 2023/08/22 1:57 p.m.130 views

CVE-2022-44730

CVE-2022-44730 is a Server-Side Request Forgery (SSRF) in Apache XML Graphics Batik (affected version: 1.16). A malicious SVG can probe user data and send it as a parameter to a URL; advisories (IBM bulletin, ALAS-2025-2801, Amazon Linux advisories) identify this alongside CVE-2022-44729 and reco...

4.4CVSS5.7AI score0.00749EPSS
Exploits0References6Affected Software1
RedHat Linux
RedHat Linux
added 2023/06/29 8:7 p.m.7 views

batik: Server-Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14...

7.5CVSS7.3AI score0.05791EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2023/05/03 2:5 p.m.6 views

batik: Server-Side Request Forgery

Server-Side Request Forgery SSRF vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. This issue affects Apache XML Graphics Batik 1.14...

5.3CVSS7.3AI score0.01954EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2023/05/03 2:5 p.m.7 views

batik: Untrusted code execution in Apache XML Graphics Batik

A flaw was found in Batik of Apache XML Graphics. This issue may allow a malicious user to run Java code from untrusted SVG via JavaScript...

7.5CVSS7.2AI score0.0232EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/04/19 12:0 a.m.40 views

Oracle Business Process Management Suite (Apr 2023 CPU)

The version of Oracle Business Process Management Suite installed on the remote host is affected by multiple vulnerabilities, as referenced in the April 2023 CPU advisory. Specifically: - Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD = 2.9.1 uses Java...

9.8CVSS6.6AI score0.03571EPSS
Exploits4References5
RedhatCVE
RedhatCVE
added 2023/03/27 7:43 p.m.35 views

CVE-2022-42890

A flaw was found in Batik of Apache XML Graphics. This issue may allow a malicious user to run Java code from untrusted SVG via JavaScript...

7.5CVSS7.4AI score0.0232EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/03/07 12:0 a.m.61 views

Amazon Linux 2 : batik (ALAS-2023-1966)

The version of batik installed on the remote host is prior to 1.8-0.12.svn1230816. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1966 advisory. Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the...

8.2CVSS7AI score0.13635EPSS
Exploits1References14
Tenable Nessus
Tenable Nessus
added 2023/03/07 12:0 a.m.59 views

Amazon Linux AMI : batik (ALAS-2023-1695)

The version of batik installed on the remote host is prior to 1.7-10.10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1695 advisory. Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel...

8.2CVSS7AI score0.13635EPSS
Exploits1References14
Amazon
Amazon
added 2023/03/06 12:0 a.m.49 views

Important: batik

Issue Overview: Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests...

8.2CVSS7.2AI score0.13635EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2023/02/15 3:24 a.m.3 views

SUSE CVE-2022-38398

Server-Side Request Forgery SSRF vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14...

5.3CVSS8.9AI score0.02017EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 3:24 a.m.3 views

SUSE CVE-2022-38648

Server-Side Request Forgery SSRF vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. This issue affects Apache XML Graphics Batik 1.14...

5.3CVSS8.9AI score0.01954EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 3:23 a.m.4 views

SUSE CVE-2022-40146

Server-Side Request Forgery SSRF vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14...

5.3CVSS8.8AI score0.05791EPSS
Exploits1References8
Rows per page
Query Builder