[jira] [Updated] (NIFI-10346) Update OWASP Dependency Check Suppressions

David Handermann (Jira) Thu, 11 Aug 2022 06:59:40 -0700


     [ 
https://issues.apache.org/jira/browse/NIFI-10346?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


David Handermann updated NIFI-10346:
------------------------------------
    Status: Patch Available  (was: Open)

> Update OWASP Dependency Check Suppressions
> ------------------------------------------
>
>                 Key: NIFI-10346
>                 URL: https://issues.apache.org/jira/browse/NIFI-10346
>             Project: Apache NiFi
>          Issue Type: Task
>          Components: Documentation &amp; Website
>            Reporter: David Handermann
>            Assignee: David Handermann
>            Priority: Minor
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> The OWASP Dependency Check Plugin version 7.1.1 marks several libraries as 
> vulnerable when the vulnerability applies to server components, but not 
> client components. In other cases, the plugin associates vulnerabilities with 
> a different product based on similar naming. The Suppressions configuration 
> should be updated to note and suppress these findings.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (NIFI-10346) Update OWASP Dependency Check Suppressions

Reply via email to