Albert Baker created NIFI-5957:
----------------------------------
Summary: 74 high severity CVEs in nifi 1.8.0 - third party
dependency libraries
Key: NIFI-5957
URL: https://issues.apache.org/jira/browse/NIFI-5957
Project: Apache NiFi
Issue Type: Bug
Components: Core Framework, Security
Affects Versions: 1.7.1, 1.8.0, 1.7.0, 1.6.0, 1.5.0
Environment: Inserted OWASP Dependency Check plugin into nifi pom.xml
& ran report
Reporter: Albert Baker
There are 74 High severity CVEs in nifi 1.8.0 according to OWASP Dependency
check.
There is a possibility of a few false positives with this report, /but/ there
is the commons-collections:commons-collections:3.2.1 issue which there is
proof-of-concept exploit code out for for three years. These dependencies
need to be cleaned up.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
