Details
-
Improvement
-
Status: Resolved
-
Minor
-
Resolution: Fixed
-
None
Description
Quartz Scheduler versions below 2.3.0 have a potential XML External Entity vulnerability CVE-2019-13990. Although it does not include external loading of XML job description files, MiNiFi currently references version 2.2.1.
Attachments
Issue Links
- links to