Details
-
Improvement
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
1.16.0, 1.15.1, 1.15.2, 1.15.3
-
None
-
None
-
Windows, Unix
Description
NiFi uses a vulnerable version of JQuery UI, which has 3 CVEs against it.
CVE-2021-41182 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41182
CVE-2021-41183 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41183
CVE-2021-41184 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41184
The way to mitigate these CVEs would be to upgrade to JQuery UI version 1.13.1.