[jira] [Created] (NIFI-10735) Update Hortonworks registries schema-registry-client to mitigate CVE

Mike R (Jira) Mon, 31 Oct 2022 04:44:31 -0700

Mike R created NIFI-10735:
-----------------------------

             Summary: Update Hortonworks registries schema-registry-client to 
mitigate CVE
                 Key: NIFI-10735
                 URL: https://issues.apache.org/jira/browse/NIFI-10735
             Project: Apache NiFi
          Issue Type: Improvement
    Affects Versions: 1.18.0
            Reporter: Mike R



Update Hortonworks registries schema-registry-client to mitigate CVE. Version 
0.9.1 has 2 CVE. Updating to 1.0.0 resolves both of these CVE. 

CVE are: 
[CVE-2020-15250|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15250] 
and 
[CVE-2021-29425|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29425]. 
Both have a medium score

The update can be found in the 
[nifi-nar-bundles/nifi-standard-services/nifi-hwx-schema-registry-bundle/pom.xml|https://github.com/apache/nifi/blob/f65888dc5cd2c60ad22867be00c83a0c3a01c5e2/nifi-nar-bundles/nifi-standard-services/nifi-hwx-schema-registry-bundle/pom.xml]
 file at line 27 with <hwx.registry.version>0.9.1</hwx.registry.version>



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (NIFI-10735) Update Hortonworks registries schema-registry-client to mitigate CVE

Reply via email to