[
https://issues.apache.org/jira/browse/NIFI-15691?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Matt Gilman resolved NIFI-15691.
--------------------------------
Fix Version/s: 2.9.0
Resolution: Fixed
> Address various javascript/typescript dependabot findings (angular i18n xss,
> rollup, serialize-javascript, minimatch)
> ---------------------------------------------------------------------------------------------------------------------
>
> Key: NIFI-15691
> URL: https://issues.apache.org/jira/browse/NIFI-15691
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Core UI
> Reporter: Rob Fellows
> Assignee: Rob Fellows
> Priority: Major
> Fix For: 2.9.0
>
> Time Spent: 0.5h
> Remaining Estimate: 0h
>
> There are a number of dependabot alerts that need addressed including these
> CVEs
> * {{GHSA-prjf-86w9-mfqv}} / {{CVE-2026-27970}} ({{{}@angular/core{}}})
> * {{GHSA-mw96-cpmx-2vgc}} / {{CVE-2026-27606}} ({{{}rollup{}}})
> * {{GHSA-5c6j-r48x-rmvq}} ({{{}serialize-javascript{}}})
> * {{GHSA-3ppc-4f35-3m26}} / {{CVE-2026-26996}} ({{{}minimatch{}}})
> * {{GHSA-7r86-cg39-jmmj}} / {{CVE-2026-27903}} ({{{}minimatch{}}})
> * {{GHSA-23c5-xmqv-rm74}} / {{CVE-2026-27904}} ({{{}minimatch{}}})
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
