Hortonworks Docs » DataFlow 3.2.0 » Release Notes
Release Notes
Also available as:
PDF

CVE-2018-1310

  • Summary: Apache NiFi JMS Deserialization issue because of ActiveMQ client vulnerability
  • Severity: Moderate
  • Versions Affected: Apache NiFi 0.1.0 – 1.5.0
  • Description: Malicious JMS content could cause denial of service.
  • Mitigation: The fix to upgrade the activemq-client library to 5.15.3 was applied to the HDF 3.2.0 release. To address this issue, upgrade to HDF 3.2.0.
© 2012–2019, Hortonworks, Inc.
Document licensed under the Creative Commons Attribution ShareAlike 4.0 License.
Hortonworks.com | Documentation | Support | Community