Uploaded image for project: 'Apache NiFi'
  1. Apache NiFi
  2. NIFI-11980

Upgrade Apache Ivy to 2.5.2

    XMLWordPrintableJSON

Details

    Description

      The Scripting and Groovy extension component bundles include transitive dependencies on Apache Ivy that should be upgraded to 2.5.2. Although NiFi components do not make direct use of Apache Ivy, upgrading to version 2.5.2 addresses an XML External Entities vulnerability described in CVE-2022-46751.

      Attachments

        Activity

          People

            exceptionfactory David Handermann
            exceptionfactory David Handermann
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 40m
                40m