You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "Mike R (Jira)" <ji...@apache.org> on 2022/06/05 12:57:00 UTC

[jira] [Updated] (NIFI-10089) Update JQuery 3.5.1

     [ https://issues.apache.org/jira/browse/NIFI-10089?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Mike R updated NIFI-10089:
--------------------------
    Description: 
Update jquery 3.5.1 to version 6.0, which was released in 2021. The vulnerable jquery is found at nifi-toolkit/lib/jquery-3.5.1.jar.

The fix can be downloaded from repo1.maven.org/maven2/org/webjars/bower/jquery/3.6.0

The associated CVE is CVE 2007-2379

  was:
Update Commons-httpclient-3.1 to version at least 4.5.15. 

The update can be found and downloaded from [the apache website|https://hc.apache.org/downloads.cgi]

The vulnerable component is found at /nifi-toolkit/lib/commons-httpclient-3.1.jar.

The affecting CVEs are CVE 2012-5783 and CVE 2020-13956

        Summary: Update JQuery 3.5.1  (was: Update Commons-httpclient-3.1)

> Update JQuery 3.5.1
> -------------------
>
>                 Key: NIFI-10089
>                 URL: https://issues.apache.org/jira/browse/NIFI-10089
>             Project: Apache NiFi
>          Issue Type: Improvement
>    Affects Versions: 1.16.1, 1.16.2
>            Reporter: Mike R
>            Priority: Major
>
> Update jquery 3.5.1 to version 6.0, which was released in 2021. The vulnerable jquery is found at nifi-toolkit/lib/jquery-3.5.1.jar.
> The fix can be downloaded from repo1.maven.org/maven2/org/webjars/bower/jquery/3.6.0
> The associated CVE is CVE 2007-2379



--
This message was sent by Atlassian Jira
(v8.20.7#820007)