There is 1 open security issue in buster.
1 issue left for the package maintainer to handle:
- CVE-2019-13990:
(needs triaging)
initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.
You can find information about how to handle this issue in the security team's documentation.