CVE-2022-44729 in Hyperion Financial Reportinginfo

Summary

Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even information disclosure. Users are recommended to upgrade to version 1.17 or later.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

11/04/2022

Disclosure

08/22/2023

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
251226Oracle Hyperion Financial Reporting Installation server-side request forgery918Not definedOfficial fixCVE-2022-44729
251207Oracle Business Intelligence Enterprise Edition Presentation Services server-side request forgery918Not definedOfficial fixCVE-2022-44729
251181Oracle Business Process Management Suite BPM Composer server-side request forgery918Not definedOfficial fixCVE-2022-44729
251137Oracle Financial Services Revenue Management and Billing Infrastructure server-side request forgery918Not definedOfficial fixCVE-2022-44729
242712Oracle WebLogic Server Centralized Thirdparty Jars server-side request forgery918Not definedOfficial fixCVE-2022-44729
242711Oracle Middleware Common Libraries and Tools Third Party server-side request forgery918Not definedOfficial fixCVE-2022-44729
242440Oracle Database Spatial/Graph server-side request forgery918Not definedOfficial fixCVE-2022-44729
237672Apache Batik server-side request forgery918Not definedOfficial fixCVE-2022-44729

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

PreviousOverviewNext

Do you need the next level of professionalism?

Upgrade your account now!