David Handermann created NIFI-13933:
---------------------------------------
Summary: Upgrade Spring Security to 6.3.4 and Address Dependency
Check Findings
Key: NIFI-13933
URL: https://issues.apache.org/jira/browse/NIFI-13933
Project: Apache NiFi
Issue Type: Improvement
Components: Core Framework
Reporter: David Handermann
Assignee: David Handermann
Spring Security dependencies should be upgraded to 6.3.4 to address findings
for CVE-2024-38821. This vulnerability applies to WebFlux libraries that NiFi
does not use.
In addition, recent Dependency Check Plugin reports include a number of false
positives related to Azure Identity libraries. False positives should be
suppressed and other impacted dependencies should be upgraded.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
