A vulnerability in Batik of Apache XML Graphics allows an attacker to run untrusted Java code from an SVG. This issue affects Apache XML Graphics prior to 1.16. It is recommended to update to version 1.16. https://lists.apache.org/thread/hplhx0o74jb7blj39fm4kw3otcnjd6xf http://www.openwall.com/lists/oss-security/2022/10/25/2 https://lists.debian.org/debian-lts-announce/2022/10/msg00038.html https://www.debian.org/security/2022/dsa-5264
This issue has been addressed in the following products: RHINT Camel-Springboot 3.20.1 Via RHSA-2023:2100 https://access.redhat.com/errata/RHSA-2023:2100
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-41704
This issue has been addressed in the following products: Red Hat Fuse 7.12 Via RHSA-2023:3954 https://access.redhat.com/errata/RHSA-2023:3954