Does CVE-2022-46364 affect Solr 7.3.1

Hello, Mend security scan has flagged cxf-core-3.4.3.jar with CVE-2022-46364. I believe this jar is pulled in as a dependency of Solr 7.3.1. I'm wondering if Solr is truly vulnerable to this issue. Thanks, Wesley ::DISCLAIMER:: The contents of this e-mail

[jira] [Commented] (NIFI-10694) Does CVE-2022-42889 affect Nifi Registry ?

[ https://issues.apache.org/jira/browse/NIFI-10694?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17625941#comment-17625941 ] Wesley Philip commented on NIFI-10694: -- [~exceptionfactory] can you please let me know if NiFi

[jira] [Commented] (NIFI-10694) Does CVE-2022-42889 affect Nifi Registry ?

[ https://issues.apache.org/jira/browse/NIFI-10694?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17623961#comment-17623961 ] Wesley Philip commented on NIFI-10694: -- Thanks [~msr1716] .  Do you know approximately when Nifi

[jira] [Created] (NIFI-10694) Does CVE-2022-42889 affect Nifi Registry ?

Wesley Philip created NIFI-10694: Summary: Does CVE-2022-42889 affect Nifi Registry ? Key: NIFI-10694 URL: https://issues.apache.org/jira/browse/NIFI-10694 Project: Apache NiFi Issue Type

[jira] [Commented] (NIFI-9505) Upgrade Log4j 2 to 2.17.0

[ https://issues.apache.org/jira/browse/NIFI-9505?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17464163#comment-17464163 ] Wesley Philip commented on NIFI-9505: - It sounds like you're saying NiFi is not affected by [CVE-2021

[jira] [Commented] (NIFI-9474) Upgrade Log4j 2 to 2.15.0

[ https://issues.apache.org/jira/browse/NIFI-9474?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17464156#comment-17464156 ] Wesley Philip commented on NIFI-9474: - Is Nifi 1.15.1 affected by  CVE-2021-45105? > Upgrade Log4

[jira] [Commented] (NIFI-9474) Upgrade Log4j 2 to 2.15.0

[ https://issues.apache.org/jira/browse/NIFI-9474?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17460902#comment-17460902 ] Wesley Philip commented on NIFI-9474: - OK, thanks [~joewitt]  > Upgrade Log4j 2 to 2.1

[jira] [Commented] (NIFI-9474) Upgrade Log4j 2 to 2.15.0

[ https://issues.apache.org/jira/browse/NIFI-9474?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17460888#comment-17460888 ] Wesley Philip commented on NIFI-9474: - Thanks [~pvillard] .  I understand that NiFi 1.15.1 removes all

[jira] [Commented] (NIFI-9474) Upgrade Log4j 2 to 2.15.0

[ https://issues.apache.org/jira/browse/NIFI-9474?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17460824#comment-17460824 ] Wesley Philip commented on NIFI-9474: - Regarding this statement in the description: > We

[jira] [Commented] (NIFI-9474) Upgrade Log4j 2 to 2.15.0

[ https://issues.apache.org/jira/browse/NIFI-9474?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17460164#comment-17460164 ] Wesley Philip commented on NIFI-9474: - Just wondering when this fix will be released publicly