Update twelvemonkeys imageio-core from 3.5 to 3.7.1 or higher
Description
Dependency-Check reports that the TwelveMonkeys extensions to javax.imageio that we’re using are vulnerable to CVE-2021-23792. It’s not been investigated, and we only use it in a very limited capacity (just the vcard image resizer?)
There’s plenty of good change since 3.5 - pick a good version and upgrade
Dependency-Check reports that the TwelveMonkeys extensions to javax.imageio that we’re using are vulnerable to CVE-2021-23792. It’s not been investigated, and we only use it in a very limited capacity (just the vcard image resizer?)
There’s plenty of good change since 3.5 - pick a good version and upgrade
Changelogs: https://github.com/haraldk/TwelveMonkeys/releases