[jira] [Created] (NIFI-9732) Upgrade Zip4j to 2.9.1

David Handermann (Jira) Sat, 26 Feb 2022 06:56:04 -0800

David Handermann created NIFI-9732:
--------------------------------------

             Summary: Upgrade Zip4j to 2.9.1
                 Key: NIFI-9732
                 URL: https://issues.apache.org/jira/browse/NIFI-9732
             Project: Apache NiFi
          Issue Type: Bug
    Affects Versions: 1.15.3, 1.14.0
            Reporter: David Handermann
            Assignee: David Handermann



Zip4j prior to 2.9.1 can throw an uncaught exception when parsing crafted Zip 
files as described in 
[CVE-2022-24615|https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-24615].  
The {{UnpackContent}} processors uses Zip4j to read encrypted Zip files when 
configured with  password.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Created] (NIFI-9732) Upgrade Zip4j to 2.9.1

Reply via email to