Community
Participate
Working Groups
Batik 1.7 which is bundled with BIRT 4.8 has severe vulnerabilities. Batik has already released new versions which has fix for these vulnerabilities. BIRT needs to update these. Here is the list of vulnerabilities reported: CVE-2018-8013 (BDSA-2018-1559) : Base Socre 9.8 CVE-2017-5662 (BDSA-2012-0002): Base Score 7.3 CVE-2015-0250: Base score 6.4 All these are fixed in latest Batik version 1.11.