I'm using JasperReport library 6.2.0. It depends on a fork of your own of itext 2.1.7. This base version is quiet old and is regularly subject to vulnerabilities.
I'm wondering if CVE-2017-9096 was fixed in your fork and, so, in which version ?
No answers yet