You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "Mike R (Jira)" <ji...@apache.org> on 2022/06/05 12:57:00 UTC
[jira] [Updated] (NIFI-10089) Update JQuery 3.5.1
[ https://issues.apache.org/jira/browse/NIFI-10089?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Mike R updated NIFI-10089:
--------------------------
Description:
Update jquery 3.5.1 to version 6.0, which was released in 2021. The vulnerable jquery is found at nifi-toolkit/lib/jquery-3.5.1.jar.
The fix can be downloaded from repo1.maven.org/maven2/org/webjars/bower/jquery/3.6.0
The associated CVE is CVE 2007-2379
was:
Update Commons-httpclient-3.1 to version at least 4.5.15.
The update can be found and downloaded from [the apache website|https://hc.apache.org/downloads.cgi]
The vulnerable component is found at /nifi-toolkit/lib/commons-httpclient-3.1.jar.
The affecting CVEs are CVE 2012-5783 and CVE 2020-13956
Summary: Update JQuery 3.5.1 (was: Update Commons-httpclient-3.1)
> Update JQuery 3.5.1
> -------------------
>
> Key: NIFI-10089
> URL: https://issues.apache.org/jira/browse/NIFI-10089
> Project: Apache NiFi
> Issue Type: Improvement
> Affects Versions: 1.16.1, 1.16.2
> Reporter: Mike R
> Priority: Major
>
> Update jquery 3.5.1 to version 6.0, which was released in 2021. The vulnerable jquery is found at nifi-toolkit/lib/jquery-3.5.1.jar.
> The fix can be downloaded from repo1.maven.org/maven2/org/webjars/bower/jquery/3.6.0
> The associated CVE is CVE 2007-2379
--
This message was sent by Atlassian Jira
(v8.20.7#820007)