Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Invalid
-
1.5.0, 1.6.0, 1.7.0, 1.8.0, 1.7.1
-
None
-
Inserted OWASP Dependency Check plugin into nifi pom.xml & ran report
Description
There are 74 High severity CVEs in nifi 1.8.0 according to OWASP Dependency check.
There is a possibility of a few false positives with this report, /but/ there is the commons-collections:commons-collections:3.2.1 issue which there is proof-of-concept exploit code out for for three years. These dependencies need to be cleaned up.