[NIFI-12827] Upgrade PostgresSQL JDBC to 42.7.2 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.26.0, 2.0.0-M3
Component/s: Extensions, NiFi Registry
Labels:
- Testing

Description

The PostgreSQL JDBC Driver in versions prior to 42.7.2 is vulnerable to SQL injection using a non-default configuration property. The PostgreSQL JDBC Driver is not distributed in any NiFi components, it is only used as a dependency for integration tests, but it should be upgraded to avoid warnings related to CVE-2024-1597.

Attachments

Issue Links

links to

GitHub Pull Request #8436

GitHub Pull Request #8437

Activity

People

Assignee:: David Handermann

Reporter:: David Handermann

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 21/Feb/24 03:21

Updated:: 21/Feb/24 03:32

Resolved:: 21/Feb/24 03:31

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

50m