BIRT runtime uses Apache Cassandra library which as reported by NIST and NVD has critical security vulnerability #1064
-
|
Our security code and 3d party product review team reported that one of core BIRT ReportEngine runtime jars, e.g.: This library has critical (score 9.1) security vulnerability reported by NIST. For more details, please, see here: https://nvd.nist.gov/vuln/detail/CVE-2021-44521. Thanks, |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments 2 replies
-
|
The BIRT ReportEngine Runtime is not a web application. It is a local report renderer and, therefore, not subject to the effects described in your CVE. Please correct me if I am wrong |
Beta Was this translation helpful? Give feedback.
-
|
Noted, thanks! |
Beta Was this translation helpful? Give feedback.
-
|
One more reason for #1033 |
Beta Was this translation helpful? Give feedback.
-
|
I commented on that issue: #1033 (reply in thread) |
Beta Was this translation helpful? Give feedback.
The BIRT ReportEngine Runtime is not a web application. It is a local report renderer and, therefore, not subject to the effects described in your CVE.
Please correct me if I am wrong