David Handermann created NIFI-11980:
---------------------------------------
Summary: Upgrade Apache Ivy to 2.5.2
Key: NIFI-11980
URL: https://issues.apache.org/jira/browse/NIFI-11980
Project: Apache NiFi
Issue Type: Improvement
Components: Extensions
Reporter: David Handermann
Assignee: David Handermann
Fix For: 2.0.0, 1.24.0
The Scripting and Groovy extension component bundles include transitive
dependencies on Apache Ivy that should be upgraded to 2.5.2. Although NiFi
components do not make direct use of Apache Ivy, upgrading to version 2.5.2
addresses an XML External Entities vulnerability described in CVE-2022-46751.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
