DEBIAN-CVE-2022-44730

DEBIAN-CVE-2022-44730 PUBLISHED CVSS 4.400000095367432 MEDIUM

Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A malicious SVG can probe user profile / data and send it directly as parameter to a URL.

Risk Scores

CVSS v3.1

4.400000095367432

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Affected Products

Vendor	Product	Versions
Debian:14	batik	0, 0, 0
Debian:13	batik	0, 0, 0
Debian:11	batik	1.12-4+deb11u1, 1.12-4, 0
Debian:12	batik	1.16+dfsg, 0, 1.16+dfsg-1

Timeline

Aug 22, 2023 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2022-44730 advisory

Open in Interactive Console →