[ https://issues.apache.org/jira/browse/NIFI-11640?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17729368#comment-17729368 ]
Joe Witt commented on NIFI-11640: --------------------------------- Fix versions can be applied once there is a reviewer that looks into this and is merging. Thanks > Update download-maven-plugin to 1.7.0 > ------------------------------------- > > Key: NIFI-11640 > URL: https://issues.apache.org/jira/browse/NIFI-11640 > Project: Apache NiFi > Issue Type: Improvement > Reporter: Siddharth R > Assignee: Siddharth R > Priority: Minor > Labels: dependency-upgrade > Time Spent: 0.5h > Remaining Estimate: 0h > > Bump download-maven-plugin to 1.7.0 to remediate multiple CVEs: > [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29425] > [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13956] > [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002200] > > -- This message was sent by Atlassian Jira (v8.20.10#820010)