Vulnerabilities > Apache > XML Graphics Batik

DATE CVE VULNERABILITY TITLE RISK
2023-08-22 CVE-2022-44729 Server-Side Request Forgery (SSRF) vulnerability in multiple products
Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even information disclosure.
local
low complexity
apache debian CWE-918
7.1
7.1
2023-08-22 CVE-2022-44730 Server-Side Request Forgery (SSRF) vulnerability in multiple products
Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A malicious SVG can probe user profile / data and send it directly as parameter to a URL.
local
low complexity
apache debian CWE-918
4.4
4.4