[RESPDAM-47] Update batik libs Created: 24/Jun/21  Updated: 02/Aug/21  Resolved: 02/Aug/21

Status: Closed
Project: DAM Focal
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Bug Priority: Neutral
Reporter: Jonathan Ayala Assignee: Adrien Manzoni
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
relation
is related to RESPDAM-44 Upgrade to latest xmlgraphics-commons... Closed
Template:
Acceptance criteria:
Empty
Task DoD:
[ ]* Doc/release notes changes? Comment present?
[ ]* Downstream builds green?
[ ]* Solution information and context easily available?
[ ]* Tests
[ ]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Bug DoR:
[ ]* Steps to reproduce, expected, and actual results filled
[ ]* Affected version filled
Date of First Response:

 Description   

https://nvd.nist.gov/vuln/detail/CVE-2020-11987
https://nvd.nist.gov/vuln/detail/CVE-2020-7791

This vulnerability affects batik libs prior to 2.1.15 (i18n package)



 Comments   
Comment by Mercedes Iruela [ 02/Aug/21 ]

https://nvd.nist.gov/vuln/detail/CVE-2020-11987 -> batik library updated to v1.14 by RESPDAM-44
https://nvd.nist.gov/vuln/detail/CVE-2020-7791 -> False positive (https://github.com/jeremylong/DependencyCheck/issues/3350)

Generated at Mon Feb 12 00:42:01 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.