VYPR

Maven package

org.apache.nifi/nifi-dbcp-service-api

pkg:maven/org.apache.nifi/nifi-dbcp-service-api

Vulnerabilities (1)

  • CVE-2023-40037Aug 18, 2023
    affected >= 1.21.0, < 1.23.1fixed 1.23.1

    Apache NiFi 1.21.0 through 1.23.0 support JDBC and JNDI JMS access in several Processors and Controller Services with connection URL validation that does not provide sufficient protection against crafted inputs. An authenticated and authorized user can bypass connection URL valid