Filter
Versions
1.0.0
16
1.1.0
6
1.1.1
5
1.10.0
5
1.11.4
4
1.2.0
4
0.7.0
3
1.0.1
3
1.1.2
3
1.3.0
3
1.4.0
3
1.7.1
3
1.9.2
3
0.0.1
2
0.0.2
2
0.7.1
2
0.7.3
2
1.14.0
2
1.21.0
2
2.0.0-milestone1
2
2.0.0-milestone2
2
2.0.0-milestone3
2
0.1.0
1
1.11.0
1
1.12.1
1
1.13.0
1
1.15.0
1
1.16.0
1
1.16.2
1
1.19.1
1
1.22.0
1
1.27.0
1
1.6.0
1
1.7.0
1
1.8.0
1
2.0.0-milestone1-rc1
1
2.0.0-milestone1-rc2
1
2.0.0-milestone1-rc3
1
2.0.0-milestone1-rc4
1
2.0.0-milestone1-rc5
1
2.0.0-milestone1-rc6
1
2.0.0-milestone2-rc1
1
2.0.0-milestone2-rc2
1
2.0.0-milestone2-rc3
1
2.0.0-milestone2-rc4
1
2.0.0-milestone3-rc1
1
maven/com.fasterxml.jackson.core:jackson-databindSSRF
9.8
First published (updated )
Apache NiFiIn Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, the proxy chain serializa…
9.8
First published (updated )
Apache NiFiApache NiFi: Potential Code Injection with Database Services using H2
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache NiFiWhen using an authentication mechanism other than PKI, when the user clicks Log Out in NiFi versions…
8.8
First published (updated )
Apache NiFiApache NiFi: Potential Code Injection with Properties Referencing Remote Resources
8.8
First published (updated )
Apache NiFiImproper Neutralization of Command Elements in Shell User Group Provider
8.8
First published (updated )
maven/org.apache.nifi:nifi-jolt-transform-json-uiApache NiFi: Improper Neutralization of Input in Advanced User Interface for Jolt
7.9
First published (updated )
maven/org.apache.nifi:nifi-framework-clusterInput Validation
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.apache.nifi:nifi-statelessIn Apache NiFi 1.10.0 to 1.11.4, the NiFi stateless execution engine produced log output which inclu…
7.5
First published (updated )
Oracle Utilities FrameworkA flaw was found in the Apache Commons BeanUtils, where the class property in PropertyUtilsBean is n…
7.5
First published (updated )
Eclipse JettyEclipse Jetty is vulnerable to a denial of service, caused by an error when handling a request conta…
7.5
First published (updated )
Apache NiFiIn Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, if an anonymous user requ…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache NiFiApache NiFi before 0.7.4 and 1.x before 1.3.0 need to establish the response header telling browsers…
7.5
First published (updated )
Apache NiFiIn Apache NiFi 1.0.0 to 1.11.4, the NiFi download token (one-time password) mechanism used a fixed c…
7.5
First published (updated )
Apache NiFiIn Apache NiFi 1.2.0 to 1.11.4, the NiFi UI and API were protected by mandating TLS v1.2, as well as…
7.5
First published (updated )
Apache NiFiApache NiFi JMS Deserialization issue because of ActiveMQ client vulnerability. Malicious JMS conten…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache NiFiImproper Restriction of XML External Entity References in Multiple Components
7.5
First published (updated )
Apache NiFiApache NiFi information disclosure by XXE
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache NiFiThe X-Frame-Options headers were applied inconsistently on some HTTP responses, resulting in duplica…
6.5
First published (updated )
Apache NiFiApache NiFi: Potential Deserialization of Untrusted Data with JNDI in JMS Components
6.5
First published (updated )
Apache NiFiApache NiFi: Incomplete Validation of JDBC and JNDI Connection URLs
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.