VulnerableCode Package Details - pkg:maven/org.apache.xmlgraphics/batik-bridge@1.16

Search for packages

Vulnerability	Summary	Fixed by
VCID-zxeg-w6n7-cbe3 Aliases: CVE-2022-44729 GHSA-gq5f-xv48-2365	Apache XML Graphics Batik Server-Side Request Forgery vulnerability Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even information disclosure. Users are recommended to upgrade to version 1.17 or later.	1.17 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-zxeg-w6n7-cbe3
Aliases:
CVE-2022-44729
GHSA-gq5f-xv48-2365

Apache XML Graphics Batik Server-Side Request Forgery vulnerability Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even information disclosure. Users are recommended to upgrade to version 1.17 or later.

1.17
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-ewrb-sx6p-mqbj	A vulnerability in Batik of Apache XML Graphics allows an attacker to run untrusted Java code from an SVG. This issue affects Apache XML Graphics prior to 1.16. It is recommended to update to version 1.16.	CVE-2022-41704 GHSA-r29w-r9ph-vm76
VCID-hmf4-tru4-x7aj	A vulnerability in Batik of Apache XML Graphics allows an attacker to run Java code from untrusted SVG via JavaScript. This issue affects Apache XML Graphics prior to 1.16. Users are recommended to upgrade to version 1.16.	CVE-2022-42890 GHSA-rwqr-m72q-v6cm

Vulnerability

Summary

Aliases

VCID-ewrb-sx6p-mqbj

A vulnerability in Batik of Apache XML Graphics allows an attacker to run untrusted Java code from an SVG. This issue affects Apache XML Graphics prior to 1.16. It is recommended to update to version 1.16.

CVE-2022-41704
GHSA-r29w-r9ph-vm76

VCID-hmf4-tru4-x7aj

A vulnerability in Batik of Apache XML Graphics allows an attacker to run Java code from untrusted SVG via JavaScript. This issue affects Apache XML Graphics prior to 1.16. Users are recommended to upgrade to version 1.16.

CVE-2022-42890
GHSA-rwqr-m72q-v6cm

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-06T04:03:12.088927+00:00	GitLab Importer	Affected by	VCID-zxeg-w6n7-cbe3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.xmlgraphics/batik-bridge/CVE-2022-44729.yml	38.6.0
2026-06-05T21:37:09.641530+00:00	GHSA Importer	Fixing	VCID-hmf4-tru4-x7aj	https://github.com/advisories/GHSA-rwqr-m72q-v6cm	38.6.0
2026-06-05T17:12:56.060551+00:00	GitLab Importer	Fixing	VCID-ewrb-sx6p-mqbj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.xmlgraphics/batik-bridge/CVE-2022-41704.yml	38.6.0
2026-06-05T17:12:55.760073+00:00	GitLab Importer	Fixing	VCID-hmf4-tru4-x7aj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.xmlgraphics/batik-bridge/CVE-2022-42890.yml	38.6.0
2026-06-04T17:44:25.155005+00:00	GithubOSV Importer	Fixing	VCID-hmf4-tru4-x7aj	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/10/GHSA-rwqr-m72q-v6cm/GHSA-rwqr-m72q-v6cm.json	38.6.0