vulnerability
Oracle Database: Critical Patch Update - October 2023 (CVE-2022-44729)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:L/AC:M/Au:N/C:C/I:N/A:C) | 2023-10-17 | 2023-10-18 | 2025-05-07 |
Severity
6
CVSS
(AV:L/AC:M/Au:N/C:C/I:N/A:C)
Published
2023-10-17
Added
2023-10-18
Modified
2025-05-07
Description
Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16.
On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even information disclosure. Users are recommended to upgrade to version 1.17 or later.
Solution
oracle-apply-oct-2023-cpu
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.