vulnerability
Oracle WebLogic: CVE-2022-44729 : Critical Patch Update
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
6 | (AV:L/AC:M/Au:N/C:C/I:N/A:C) | Aug 22, 2023 | Oct 19, 2023 | Feb 17, 2025 |
Severity
6
CVSS
(AV:L/AC:M/Au:N/C:C/I:N/A:C)
Published
Aug 22, 2023
Added
Oct 19, 2023
Modified
Feb 17, 2025
Description
Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16.
On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even information disclosure. Users are recommended to upgrade to version 1.17 or later.
Solution(s)
oracle-weblogic-oct-2023-cpu-12_2_1_4_0oracle-weblogic-oct-2023-cpu-14_1_1_0_0

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.