[ https://issues.apache.org/jira/browse/NIFI-10346?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
David Handermann updated NIFI-10346: ------------------------------------ Fix Version/s: 1.18.0 Resolution: Fixed Status: Resolved (was: Patch Available) > Update OWASP Dependency Check Suppressions > ------------------------------------------ > > Key: NIFI-10346 > URL: https://issues.apache.org/jira/browse/NIFI-10346 > Project: Apache NiFi > Issue Type: Task > Components: Documentation & Website > Reporter: David Handermann > Assignee: David Handermann > Priority: Minor > Fix For: 1.18.0 > > Time Spent: 0.5h > Remaining Estimate: 0h > > The OWASP Dependency Check Plugin version 7.1.1 marks several libraries as > vulnerable when the vulnerability applies to server components, but not > client components. In other cases, the plugin associates vulnerabilities with > a different product based on similar naming. The Suppressions configuration > should be updated to note and suppress these findings. -- This message was sent by Atlassian Jira (v8.20.10#820010)