[
https://issues.apache.org/jira/browse/NIFI-9785?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17518260#comment-17518260
]
Jonathan Leitschuh commented on NIFI-9785:
------------------------------------------
The vulnerability that this issue fixed has now been disclosed here:
[https://github.com/JLLeitschuh/security-research/security/advisories/GHSA-rvp4-r3g6-8hxq]
No CVE has been assigned at this time. This vulnerability is now public without
a CVE.
> Improve Login Credentials Writer File Handling
> ----------------------------------------------
>
> Key: NIFI-9785
> URL: https://issues.apache.org/jira/browse/NIFI-9785
> Project: Apache NiFi
> Issue Type: Improvement
> Reporter: David Handermann
> Assignee: David Handermann
> Priority: Minor
> Fix For: 1.16.0
>
> Time Spent: 0.5h
> Remaining Estimate: 0h
>
> The {{StandardLoginCredentialsWriter}} reads an existing
> {{login-identity-providers.xml}} file and writes updated single user
> credentials. The implementation should be improved to streamline input and
> output file handling.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
