Hi,The vuln type inside the email seems to be incorrect, it should be SSRF。
Simon Steiner <[email protected]> 于2023年8月22日周二 16:00写道: > CVE-2022-44729: > Apache Batik information disclosure vulnerability > > Severity: > Medium > > Vendor: > The Apache Software Foundation > > Versions Affected: > Batik 1.0 - 1.16 > > Description: > Block loading external resource by default > > Mitigation: > Users should upgrade to Batik 1.17 > > Credit: > This issue was independently reported by nbxiglk > > References: > http://xmlgraphics.apache.org/security.html > https://issues.apache.org/jira/browse/BATIK-1349 > > The Apache XML Graphics team. > > > > >
