Uploaded image for project: 'Apache NiFi'
  1. Apache NiFi
  2. NIFI-10046

Upgrade Gson to 2.9.0

    XMLWordPrintableJSON

Details

    Description

      Multiple extension and tools depend on different version of Gson for JSON parsing and serialization. Gson versions prior to 2.8.9 have an associated vulnerability CVE-2022-25647 related to deserialization of untrusted data. The Gson version should be managed in the root Maven configuration for consistency and upgraded to 2.9.0.

      Attachments

        Issue Links

          Activity

            People

              exceptionfactory David Handermann
              exceptionfactory David Handermann
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 40m
                  40m