Mike R created NIFI-10184:
-----------------------------
Summary: Update Antlr-Runtime To 4.X
Key: NIFI-10184
URL: https://issues.apache.org/jira/browse/NIFI-10184
Project: Apache NiFi
Issue Type: Improvement
Reporter: Mike R
The current version of nifi-record-serialization-services includes a compile
dependency of antlr-runtime of 3.5.2. The antlr-runtime of 3.5.2 has a
vulnerable dependency of a vulnerable version of junit 4.10, which has
CVE-2020-15250 filed against it. If possible, would updating to version 4.X
work?
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
