CVE-2022-44730

CVE-2022-44730: Apache XML Graphics Batik: Information disclosure vulnerability

Vendor Apache Software Foundation

Product Apache XML Graphics Batik

Weakness CWE-918 · SSRF

Published August 22, 2023

Last update February 13, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A malicious SVG can probe user profile / data and send it directly as parameter to a URL.

Key dates

Disclosure timeline

August 22, 2023 CVE published

February 13, 2025 Record updated