Mike R created NIFI-10060:
-----------------------------
Summary: Fix Issues Found In Dependency Checker
Key: NIFI-10060
URL: https://issues.apache.org/jira/browse/NIFI-10060
Project: Apache NiFi
Issue Type: Bug
Affects Versions: 1.16.2, 1.16.1
Reporter: Mike R
Dependencychecker by OWASP shows the following dependencies that have CVEs
against them and are showing as vulnerable when I implement NiFi in my
environment when it gets scanned. Are there any plans to upgrade any of the
following:
spring-core-5.3.19.jar
spring-aop-5.3.19.jar
protobuf-java-3.19.1.jar
nifi-xml-processing-1.16.2.jar
google-http-client-gson-1.140.1.jar
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
