Each Apache NiFi release tends to upgrade several dependencies, so from a security standpoint we always recommend using the latest version.
For that specific CVE, however, you will want to use NiFi version 1.26.0 or higher. Regards, -- Mike On Wed, Oct 2, 2024 at 10:19 AM Chirthani, Deepak Reddy < c-deepakreddy.chirth...@charter.com> wrote: > Hi, > > > > Wanted to know to resolve the cve-2024-22243 on Nifi on-prem clusters with > version 1.21.0. Any inputs/advises are appreciated. > > > > Thanks > The contents of this e-mail message and any attachments are intended > solely for the addressee(s) and may contain confidential and/or legally > privileged information. If you are not the intended recipient of this > message or if this message has been addressed to you in error, please > immediately alert the sender by reply e-mail and then delete this message > and any attachments. If you are not the intended recipient, you are > notified that any use, dissemination, distribution, copying, or storage of > this message or any attachment is strictly prohibited. >
