Details
-
Improvement
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
1.15.0
Description
MiNiFi depends on Guava 26.0 to support caching in the Config Service REST Resource. Although MiNiFi does not use the feature, Guava versions 30 and below have a vulnerability associated with temporary directory creation as described in CVE-2020-8908. Upgrading Guava to 31.0.1 addresses the associated vulnerability.
Attachments
Issue Links
- links to