{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-44729", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "dateReserved": "2022-11-04T09:23:15.973Z", "datePublished": "2023-08-22T14:12:50.301Z", "dateUpdated": "2025-02-13T16:33:42.214Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Apache XML Graphics Batik", "vendor": "Apache Software Foundation", "versions": [{"status": "affected", "version": "1.16"}]}], "credits": [{"lang": "en", "type": "finder", "value": "nbxiglk"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.<p>This issue affects Apache XML Graphics Batik: 1.16.</p><p>On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even information disclosure. Users are recommended to upgrade to version 1.17 or later.<br></p>"}], "value": "Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16.\n\nOn version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even information disclosure. Users are recommended to upgrade to version 1.17 or later."}], "metrics": [{"other": {"content": {"text": "moderate"}, "type": "Textual description of severity"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "description": "CWE-918 Server-Side Request Forgery (SSRF)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2024-01-07T11:06:27.331Z"}, "references": [{"url": "https://xmlgraphics.apache.org/security.html"}, {"tags": ["vendor-advisory"], "url": "https://lists.apache.org/thread/hco2nw1typoorz33qzs0fcdx0ws6d6j2"}, {"url": "http://www.openwall.com/lists/oss-security/2023/08/22/2"}, {"url": "http://www.openwall.com/lists/oss-security/2023/08/22/4"}, {"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00021.html"}, {"url": "https://security.gentoo.org/glsa/202401-11"}], "source": {"defect": ["BATIK-1349"], "discovery": "UNKNOWN"}, "title": "Apache XML Graphics Batik: Information disclosure vulnerability", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T14:01:31.175Z"}, "title": "CVE Program Container", "references": [{"url": "https://xmlgraphics.apache.org/security.html", "tags": ["x_transferred"]}, {"tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.apache.org/thread/hco2nw1typoorz33qzs0fcdx0ws6d6j2"}, {"url": "http://www.openwall.com/lists/oss-security/2023/08/22/2", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/08/22/4", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00021.html", "tags": ["x_transferred"]}, {"url": "https://security.gentoo.org/glsa/202401-11", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:xml_graphics_batik:*:*:*:*:*:*:*:*", "matchCriteriaId": "F47BF012-F21F-4B92-ADE7-957E3FE338E0", "versionEndIncluding": "1.16", "versionStartIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16.\n\nOn version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even information disclosure. Users are recommended to upgrade to version 1.17 or later."}], "id": "CVE-2022-44729", "lastModified": "2025-02-13T17:15:46.920", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-08-22T19:16:29.833", "references": [{"source": "security@apache.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2023/08/22/2"}, {"source": "security@apache.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2023/08/22/4"}, {"source": "security@apache.org", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread/hco2nw1typoorz33qzs0fcdx0ws6d6j2"}, {"source": "security@apache.org", "tags": ["Mailing List"], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00021.html"}, {"source": "security@apache.org", "url": "https://security.gentoo.org/glsa/202401-11"}, {"source": "security@apache.org", "tags": ["Vendor Advisory"], "url": "https://xmlgraphics.apache.org/security.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2023/08/22/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2023/08/22/4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread/hco2nw1typoorz33qzs0fcdx0ws6d6j2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00021.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202401-11"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://xmlgraphics.apache.org/security.html"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "security@apache.org", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2023:5441", "cpe": "cpe:/a:redhat:camel_spring_boot:4.0.0", "package": "batik", "product_name": "RHINT Camel-Springboot 4.0.0", "release_date": "2023-10-04T00:00:00Z"}, {"advisory": "RHSA-2024:1353", "cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7.13", "package": "batik", "product_name": "RHPAM 7.13.5 async", "release_date": "2024-03-18T00:00:00Z"}], "bugzilla": {"description": "batik: Server-Side Request Forgery vulnerability", "id": "2233889", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2233889"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "status": "verified"}, "cwe": "CWE-918", "details": ["Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16.\nOn version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even information disclosure. Users are recommended to upgrade to version 1.17 or later.", "A flaw was found in Apache Batik 1.0 - 1.16. This issue occurs due to a malicious SVG triggering external resources loading by default, causing resource consumption or in some cases information disclosure."], "name": "CVE-2022-44729", "package_state": [{"cpe": "cpe:/a:redhat:camel_spring_boot:3", "fix_state": "Affected", "package_name": "batik", "product_name": "Red Hat build of Apache Camel for Spring Boot 3"}, {"cpe": "cpe:/a:redhat:optaplanner:::el6", "fix_state": "Not affected", "package_name": "batik", "product_name": "Red Hat build of OptaPlanner 8"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:8", "fix_state": "Not affected", "package_name": "batik", "product_name": "Red Hat Data Grid 8"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:7", "fix_state": "Affected", "package_name": "batik", "product_name": "Red Hat Decision Manager 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "batik", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "fop", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "batik", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "batik", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Out of support scope", "package_name": "batik", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:integration:1", "fix_state": "Will not fix", "package_name": "batik", "product_name": "Red Hat Integration Camel K"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:7", "fix_state": "Not affected", "package_name": "batik", "product_name": "Red Hat JBoss Data Grid 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7", "fix_state": "Not affected", "package_name": "batik", "product_name": "Red Hat JBoss Enterprise Application Platform 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8", "fix_state": "Not affected", "package_name": "batik", "product_name": "Red Hat JBoss Enterprise Application Platform 8"}, {"cpe": "cpe:/a:redhat:jbosseapxp", "fix_state": "Not affected", "package_name": "batik", "product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack"}, {"cpe": "cpe:/a:redhat:jboss_fuse:6", "fix_state": "Out of support scope", "package_name": "batik", "product_name": "Red Hat JBoss Fuse 6"}, {"cpe": "cpe:/a:redhat:jboss_fuse_service_works:6", "fix_state": "Out of support scope", "package_name": "batik", "product_name": "Red Hat JBoss Fuse Service Works 6"}], "public_date": "2023-08-22T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-44729\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-44729\nhttps://github.com/advisories/GHSA-gq5f-xv48-2365\nhttps://lists.apache.org/thread/hco2nw1typoorz33qzs0fcdx0ws6d6j2"], "threat_severity": "Moderate", "upstream_fix": "batik 1.17"}