CVE-2024-23076

Name of the Vulnerable Software and Affected Versions JFreeChart version 1.5.4

Description A NullPointerException was discovered in JFreeChart via the component /labels/BubbleXYItemLabelGenerator.java. However, the existence of this issue is disputed by multiple third parties due to potentially insufficient evidence. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.

Recommendations For JFreeChart version 1.5.4, consider temporarily disabling or restricting the use of the /labels/BubbleXYItemLabelGenerator.java component until further clarification or a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.