Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
1.14
-
None
-
None
Description
Batik needs to reference Xerces 2.12.2, which fixes vulnerability:
https://nvd.nist.gov/vuln/detail/CVE-2022-23437
Batik 1.14 is still using vulnerable Xerces 2.12.1.