CVE-2022-41704
Apache Batik prior to 1.16 allows RCE when loading untrusted SVG input
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A vulnerability in Batik of Apache XML Graphics allows an attacker to run untrusted Java code from an SVG. This issue affects Apache XML Graphics prior to 1.16. It is recommended to update to version 1.16.
Una vulnerabilidad en Batik de Apache XML Graphics permite a un atacante ejecutar código Java no confiable desde un SVG. Este problema afecta a Apache XML Graphics versiones anteriores a 1.16. Es recomendado actualizar a versión 1.16
A flaw was found in Batik. This issue may allow a malicious user to run untrusted Java code from an SVG.
*Credits:
This issue was independently reported by 4ra1n of Chaitin Tech and pwnull
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-09-28 CVE Reserved
- 2022-10-25 CVE Published
- 2024-05-17 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-918: Server-Side Request Forgery (SSRF)
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2022/10/25/2 | Mailing List |
|
| https://lists.debian.org/debian-lts-announce/2022/10/msg00038.html | Mailing List |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://lists.apache.org/thread/hplhx0o74jb7blj39fm4kw3otcnjd6xf | 2024-01-07 | |
| https://security.gentoo.org/glsa/202401-11 | 2024-01-07 | |
| https://www.debian.org/security/2022/dsa-5264 | 2024-01-07 | |
| https://access.redhat.com/security/cve/CVE-2022-41704 | 2023-06-29 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2182182 | 2023-06-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Apache Search vendor "Apache" | Batik Search vendor "Apache" for product "Batik" | >= 1.0 < 1.16 Search vendor "Apache" for product "Batik" and version " >= 1.0 < 1.16" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 11.0 Search vendor "Debian" for product "Debian Linux" and version "11.0" | - |
Affected
| ||||||