Open dicaeffe opened 3 years ago
Hello, version 9.0 (and uppers) of Pentaho has few known CVEs (Common Vulnerabilities and Exposures) due to its dependencies.
Is possible to fix those security issues by updating the versions reported below?
note: Bootstrap is recommended to be updated to 3.4.1
Hi. What about https://nvd.nist.gov/vuln/detail/CVE-2020-11987 ? Fix: batik 1.14
CVE-2022-21724 in postgresql, not fixed in 9.4.0.0-79
Hello, version 9.0 (and uppers) of Pentaho has few known CVEs (Common Vulnerabilities and Exposures) due to its dependencies.
Is possible to fix those security issues by updating the versions reported below?
Apache Axis2/Java
Apache Log4j - log4j
jackson-databind
karaf
org.apache.xmlgraphics:batik-bridge