vulnerability

Oracle Database: Critical Patch Update - October 2023 (CVE-2022-44729)

Try Surface Command
Back to search
Severity
6
CVSS
(AV:L/AC:M/Au:N/C:C/I:N/A:C)
Published
Oct 17, 2023
Added
Oct 18, 2023
Modified
Mar 27, 2026

Description

Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16.

On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even information disclosure. Users are recommended to upgrade to version 1.17 or later.

Solution

oracle-apply-oct-2023-cpu

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today