CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-44730

Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A malicious SVG can probe user profile / data and send it directly as parameter to a URL.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 60.9%

CVSS Severity

CVSS v3 Score 4.4

References

http://www.openwall.com/lists/oss-security/2023/08/22/3
http://www.openwall.com/lists/oss-security/2023/08/22/5
https://lists.apache.org/thread/58m5817jr059f4v1zogh0fngj9pwjyj0
https://lists.debian.org/debian-lts-announce/2023/10/msg00021.html
https://security.gentoo.org/glsa/202401-11
https://xmlgraphics.apache.org/security.html
http://www.openwall.com/lists/oss-security/2023/08/22/3
http://www.openwall.com/lists/oss-security/2023/08/22/5
https://lists.apache.org/thread/58m5817jr059f4v1zogh0fngj9pwjyj0
https://lists.debian.org/debian-lts-announce/2023/10/msg00021.html
https://security.gentoo.org/glsa/202401-11
https://xmlgraphics.apache.org/security.html

Products affected by CVE-2022-44730

Apache » Xml Graphics Batik » Version: Any

cpe:2.3:a:apache:xml_graphics_batik:*
Debian » Debian Linux » Version: 10.0

cpe:2.3:o:debian:debian_linux:10.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-44730

Products

Pricing

Contact Us