[NIFI-11589] Upgrade socket-io.parser to 4.2.3 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.0.0-M1, 1.22.0
Component/s: NiFi Registry
Labels:
- dependency-upgrade

Description

The socket.io-parser library version 4.2.3 corrects a vulnerability in the library related to crafted HTTP requests. The socket.io-parser library is a transitive dependency of the karma testing library, so the vulnerability does not impact runtime behavior, but socket.io-parser should be upgraded.

Attachments

Activity

People

Assignee:: David Handermann

Reporter:: David Handermann

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 24/May/23 13:37

Updated:: 24/May/23 14:09

Resolved:: 24/May/23 14:09