Upgrade Batik to 1.14 for security
mhping opened this issue · comments
mhping commented
Hi.
The Batik versions 1.13 and prior have some medium-high CVEs discovered in it.
https://nvd.nist.gov/vuln/detail/CVE-2020-11987
CVE-2019-17566, CVE-2018-8013
https://xmlgraphics.apache.org/security.html
Although i cannot verify if they are exploitable. But i believe it is still very worth upgrading.