[NIFI-9976] Upgrade json-smart to 2.4.8 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.17.0, 1.16.2
Component/s: Extensions, NiFi Registry
Labels:
- dependency-upgrade

Description

Multiple extension modules and components in Registry have transitive dependencies on json-smart 2.3.0, which has CVE-2021-275568 associated parsing malformed inputs. Upgrading to version 2.4.8 resolves this issue and includes other improvements.

Attachments

Issue Links

links to

GitHub Pull Request #6005

Activity

People

Assignee:: David Handermann

Reporter:: David Handermann

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 29/Apr/22 02:33

Updated:: 09/May/22 17:58

Resolved:: 29/Apr/22 08:13

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

20m