Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
2.7
-
None
-
None
Description
FOP needs to reference Xerces 2.12.2, which fixes vulnerability:
https://nvd.nist.gov/vuln/detail/CVE-2022-23437
FOP 2.7 is still using vulneable Xerces 2.12.1.