CVE-2022-44729

HIGH Year: 2022
CVSS v3 Score
7.1
High
Weakness Type
CWE-918
View all →

Vulnerability Description

Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even information disclosure. Users are recommended to upgrade to version 1.17 or later.

Related Vulnerabilities

CVE-2020-14296

HIGH
CVSS:7.1(High)

Red Hat CloudForms 4.7 and 5 was vulnerable to Server-Side Request Forgery (SSRF) flaw. With the access to add Ansible Tower provider, an attacker could scan and attack systems from the internal netwo...

CWE-9182020

CVE-2021-31828

HIGH
CVSS:7.1(High)

An SSRF issue in Open Distro for Elasticsearch (ODFE) before 1.13.1.0 allows an existing privileged user to enumerate listening services or interact with configured resources via HTTP requests exceedi...

CWE-9182021

CVE-2022-21697

HIGH
CVSS:7.1(High)

Jupyter Server Proxy is a Jupyter notebook server extension to proxy web services. Versions of Jupyter Server Proxy prior to 3.2.1 are vulnerable to Server-Side Request Forgery (SSRF). Any user deploy...

CWE-9182022

CVE-2022-2756

HIGH
CVSS:7.1(High)

Server-Side Request Forgery (SSRF) in GitHub repository kareadita/kavita prior to 0.5.4.1.

CWE-9182022

CVE-2023-34370

HIGH
CVSS:7.1(High)

Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Starter Templates — Elementor, WordPress & Beaver Builder Templates, Brainstorm Force Premium Starter Templates.This issue affects ...

CWE-9182023

CVE-2023-40033

HIGH
CVSS:7.1(High)

Flarum is an open source forum software. Flarum is affected by a vulnerability that allows an attacker to conduct a Blind Server-Side Request Forgery (SSRF) attack or disclose any file on the server, ...

CWE-9182023