You are viewing a plain text version of this content. The canonical link for it is here.

Posted to batik-dev@xmlgraphics.apache.org by "Stacey McIntire (Jira)" <ji...@apache.org> on 2022/02/21 15:46:00 UTC

[jira] [Created] (BATIK-1321) Security Vulnerability with Xerces version <= 2.12.1

Stacey McIntire created BATIK-1321:
--------------------------------------

             Summary: Security Vulnerability with Xerces version <= 2.12.1
                 Key: BATIK-1321
                 URL: https://issues.apache.org/jira/browse/BATIK-1321
             Project: Batik
          Issue Type: Bug
    Affects Versions: 1.14
            Reporter: Stacey McIntire


Batik needs to reference Xerces 2.12.2, which fixes vulnerability:

[https://nvd.nist.gov/vuln/detail/CVE-2022-23437] 

Batik 1.14 is still using vulnerable Xerces 2.12.1.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: batik-dev-unsubscribe@xmlgraphics.apache.org
For additional commands, e-mail: batik-dev-help@xmlgraphics.apache.org