[
https://issues.apache.org/jira/browse/NIFI-10089?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Mike R updated NIFI-10089:
--------------------------
Description:
Update jquery 3.5.1 to version 6.0, which was released in 2021. The vulnerable
jquery is found at nifi-toolkit/lib/jquery-3.5.1.jar.
The fix can be downloaded from
repo1.maven.org/maven2/org/webjars/bower/jquery/3.6.0
The associated CVE is CVE 2007-2379
was:
Update Commons-httpclient-3.1 to version at least 4.5.15.
The update can be found and downloaded from [the apache
website|https://hc.apache.org/downloads.cgi]
The vulnerable component is found at
/nifi-toolkit/lib/commons-httpclient-3.1.jar.
The affecting CVEs are CVE 2012-5783 and CVE 2020-13956
Summary: Update JQuery 3.5.1 (was: Update Commons-httpclient-3.1)
> Update JQuery 3.5.1
> -------------------
>
> Key: NIFI-10089
> URL: https://issues.apache.org/jira/browse/NIFI-10089
> Project: Apache NiFi
> Issue Type: Improvement
> Affects Versions: 1.16.1, 1.16.2
> Reporter: Mike R
> Priority: Major
>
> Update jquery 3.5.1 to version 6.0, which was released in 2021. The
> vulnerable jquery is found at nifi-toolkit/lib/jquery-3.5.1.jar.
> The fix can be downloaded from
> repo1.maven.org/maven2/org/webjars/bower/jquery/3.6.0
> The associated CVE is CVE 2007-2379
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
