[
https://issues.apache.org/jira/browse/NIFI-10346?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
David Handermann updated NIFI-10346:
------------------------------------
Fix Version/s: 1.18.0
Resolution: Fixed
Status: Resolved (was: Patch Available)
> Update OWASP Dependency Check Suppressions
> ------------------------------------------
>
> Key: NIFI-10346
> URL: https://issues.apache.org/jira/browse/NIFI-10346
> Project: Apache NiFi
> Issue Type: Task
> Components: Documentation & Website
> Reporter: David Handermann
> Assignee: David Handermann
> Priority: Minor
> Fix For: 1.18.0
>
> Time Spent: 0.5h
> Remaining Estimate: 0h
>
> The OWASP Dependency Check Plugin version 7.1.1 marks several libraries as
> vulnerable when the vulnerability applies to server components, but not
> client components. In other cases, the plugin associates vulnerabilities with
> a different product based on similar naming. The Suppressions configuration
> should be updated to note and suppress these findings.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
