SB2023082528 - Multiple SSRF vulnerabilities in Apache Batik
Published: August 25, 2023
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) Server-Side Request Forgery (SSRF) (CVE-ID: CVE-2022-44730)
The disclosed vulnerability allows a remote user to perform SSRF attacks.
The vulnerability exists due to insufficient validation of user-supplied input when parsing SVG images. A remote user can upload a malicious SVG image and trick the application to initiate requests to arbitrary systems.
Successful exploitation of this vulnerability may allow a remote attacker gain access to sensitive data, located in the local network or send malicious requests to other servers from the vulnerable system.
2) Server-Side Request Forgery (SSRF) (CVE-ID: CVE-2022-44729)
The disclosed vulnerability allows a remote attacker to perform SSRF attacks.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems.
Successful exploitation of this vulnerability may allow a remote attacker gain access to sensitive data, located in the local network or send malicious requests to other servers from the vulnerable system.
Remediation
Install update from vendor's website.
References
- https://lists.apache.org/thread/58m5817jr059f4v1zogh0fngj9pwjyj0
- https://xmlgraphics.apache.org/security.html
- http://www.openwall.com/lists/oss-security/2023/08/22/3
- http://www.openwall.com/lists/oss-security/2023/08/22/5
- https://issues.apache.org/jira/browse/BATIK-1347
- https://lists.apache.org/thread/hco2nw1typoorz33qzs0fcdx0ws6d6j2
- http://www.openwall.com/lists/oss-security/2023/08/22/4
- http://www.openwall.com/lists/oss-security/2023/08/22/2