[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[birt-report-engine-dev] Vulnerabilities in Eclipse BIRT jars

Hi,

I am using Eclipse BIRT 3.7.2 runtime environment. While scanning its libraries, came across many high vulnerabilities in below three jars.

org.eclipse.datatools.enablement.ibm.db2.luw.dbdefinition_1.0.4.v201107221502.jar
org.eclipse.datatools.enablement.ibm.db2.luw_1.0.2.v201107221502.jar
Issues(CVE-2008-4692,CVE-2007-3676,CVE-2007-2582,CVE-2012-3324,CVE-2008-0699,CVE-2008-1998,CVE-2007-5652,CVE-2011-0731,CVE-2008-3958,CVE-2007-5090)
org.eclipse.datatools.enablement.mysql_1.0.2.v201109022323.jar
(Issues: CVE-2004-0836,CVE-2008-0226,CVE-2004-0835,CVE-2001-1454,CVE-2001-1274,CVE-2001-1275)

I scanned the latest version of BIRT 4.3.2 also but results are same. Please let me know do we have fix for any of these problems for these jars.

Thanks in Advance!
Ruchika