Detail
Bugfix
Currently, the Apache Batik bilibrary is used in version 1.15.
This version contains some security vulnerabilities:
A vulnerability in Batik of Apache XML Graphics allows an attacker to run Java code from untrusted SVG via JavaScript. This issue affects Apache XML Graphics prior to 1.16. Users are recommended to upgrade to version 1.16.
A vulnerability in Batik of Apache XML Graphics allows an attacker to run untrusted Java code from an SVG. This issue affects Apache XML Graphics prior to 1.16. It is recommended to update to version 1.16.
Details can be found here.
Test
The build task CheckDependencies should not contain an error of the type com.top-logic:tl-parent-all.pkg:maven/org.apache.xmlgraphics/batik-bridge@1.15.