Mike R created NIFI-10089:
-----------------------------
Summary: Update Commons-httpclient-3.1
Key: NIFI-10089
URL: https://issues.apache.org/jira/browse/NIFI-10089
Project: Apache NiFi
Issue Type: New Feature
Affects Versions: 1.16.2, 1.16.1
Reporter: Mike R
Update Commons-httpclient-3.1 to version at least 4.5.15.
The update can be found and downloaded from [the apache
website|https://hc.apache.org/downloads.cgi]
The vulnerable component is found at
/nifi-toolkit/lib/commons-httpclient-3.1.jar.
The affecting CVEs are CVE 2012-5783 and CVE 2020-13956
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
