Project

General

Profile

Actions
Copy link

Bug #21907

open

Ignore reported batik-css CVE

Added by Alexis Mousset about 2 years ago. Updated 6 months ago.

Status:
Pending release
Priority:
N/A
Assignee:
François ARMAND
Category:
Security
Target version:
7.1
Pull Request:
https://github.com/Normation/rudder-p...
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
To do
Fix check:
To do
Regression:
No

Description

https://nvd.nist.gov/vuln/detail/CVE-2022-40146 is a false positive as antisamy only uses batik-css which does not depend on the affected package https://security.snyk.io/vuln/maven/?search=batik.

Subtasks 1 (0 open1 closed)

Bug #21908: Ignore reported batik-util CVEReleasedVincent MEMBRÉActions
Actions
Copy link

Also available in: Atom PDF