vulnerability
Amazon Linux AMI 2: CVE-2022-44729: Security patch for batik (ALAS-2025-2801)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:L/AC:M/Au:N/C:C/I:N/A:C) | Aug 22, 2023 | Mar 26, 2025 | Mar 26, 2025 |
Severity
6
CVSS
(AV:L/AC:M/Au:N/C:C/I:N/A:C)
Published
Aug 22, 2023
Added
Mar 26, 2025
Modified
Mar 26, 2025
Description
Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16.
On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even information disclosure. Users are recommended to upgrade to version 1.17 or later.
Solutions
amazon-linux-ami-2-upgrade-batikamazon-linux-ami-2-upgrade-batik-demoamazon-linux-ami-2-upgrade-batik-javadocamazon-linux-ami-2-upgrade-batik-rasterizeramazon-linux-ami-2-upgrade-batik-slideshowamazon-linux-ami-2-upgrade-batik-squiggleamazon-linux-ami-2-upgrade-batik-svgppamazon-linux-ami-2-upgrade-batik-ttf2svg
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.