You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "David Handermann (Jira)" <ji...@apache.org> on 2022/10/19 14:42:00 UTC

[jira] [Created] (NIFI-10669) Upgrade Jettison to 1.5.1

David Handermann created NIFI-10669:
---------------------------------------

             Summary: Upgrade Jettison to 1.5.1
                 Key: NIFI-10669
                 URL: https://issues.apache.org/jira/browse/NIFI-10669
             Project: Apache NiFi
          Issue Type: Improvement
          Components: Core Framework, Extensions, NiFi Registry
            Reporter: David Handermann
            Assignee: David Handermann


Several components depend on [Jettison|https://github.com/jettison-json/jettison] for JSON and XML handling. References should be upgraded to 1.5.1 to mitigate CVE-2022-40149, related to potential Denial-of-Service vulnerabilities from crafted sources.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)