VYPR

Maven package

org.apache.nifi/nifi-framework-core

pkg:maven/org.apache.nifi/nifi-framework-core

Vulnerabilities (2)

  • CVE-2024-52067Nov 21, 2024
    affected >= 1.16.0, < 1.28.1fixed 1.28.1

    Apache NiFi 1.16.0 through 1.28.0 and 2.0.0-M1 through 2.0.0-M4 include optional debug logging of Parameter Context values during the flow synchronization process. An authorized administrator with access to change logging levels could enable debug logging for framework flow synch

  • CVE-2020-1942Feb 11, 2020
    affected >= 0.0.1, < 1.12.0-RC1fixed 1.12.0-RC1

    In Apache NiFi 0.0.1 to 1.11.0, the flow fingerprint factory generated flow fingerprints which included sensitive property descriptor values. In the event a node attempted to join a cluster and the cluster flow was not inheritable, the flow fingerprint of both the cluster and loc