This package has been
orphaned. This means that it does not have a real
maintainer at the moment. Please consider adopting this package
if you are interested in it. Please see bug number #907548 for more information.
CVE-2017-18197: In mxGraphViewImageReader.java in mxGraph before 3.7.6, the SAXParserFactory instance in convert() is missing flags to prevent XML External Entity (XXE) attacks, as demonstrated by /ServerView.