[jira] [Commented] (NIFI-10694) Does CVE-2022-42889 affect Nifi Registry ?

Mike R (Jira) Tue, 25 Oct 2022 10:39:11 -0700


    [ 
https://issues.apache.org/jira/browse/NIFI-10694?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17623949#comment-17623949
 ]


Mike R commented on NIFI-10694:
-------------------------------

[~wesley.philip] The issue has been identified and fixed for NiFi version 
1.19.0  as shown in the following pull request. 
https://issues.apache.org/jira/browse/NIFI-10648 I cannot speak to whether NiFi 
Registry is affected

> Does CVE-2022-42889 affect Nifi Registry ?
> ------------------------------------------
>
>                 Key: NIFI-10694
>                 URL: https://issues.apache.org/jira/browse/NIFI-10694
>             Project: Apache NiFi
>          Issue Type: Bug
>            Reporter: Wesley Philip
>            Priority: Major
>
> Nifi Registry 17 contains this library:
>  
> /opt/nifi/nifi-toolkit-current/lib/commons-text-1.8.jar
>  
> Is Nifi Registry affected, and are their plans to address this CVE?



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (NIFI-10694) Does CVE-2022-42889 affect Nifi Registry ?

Reply via email to