Maven package
org.apache.nifi/nifi-framework-core
pkg:maven/org.apache.nifi/nifi-framework-core
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-52067 | — | >= 1.16.0, < 1.28.1 | 1.28.1 | Nov 21, 2024 | Apache NiFi 1.16.0 through 1.28.0 and 2.0.0-M1 through 2.0.0-M4 include optional debug logging of Parameter Context values during the flow synchronization process. An authorized administrator with access to change logging levels could enable debug logging for framework flow synch | ||
| CVE-2020-1942 | — | >= 0.0.1, < 1.12.0-RC1 | 1.12.0-RC1 | Feb 11, 2020 | In Apache NiFi 0.0.1 to 1.11.0, the flow fingerprint factory generated flow fingerprints which included sensitive property descriptor values. In the event a node attempted to join a cluster and the cluster flow was not inheritable, the flow fingerprint of both the cluster and loc |
- CVE-2024-52067Nov 21, 2024affected >= 1.16.0, < 1.28.1fixed 1.28.1
Apache NiFi 1.16.0 through 1.28.0 and 2.0.0-M1 through 2.0.0-M4 include optional debug logging of Parameter Context values during the flow synchronization process. An authorized administrator with access to change logging levels could enable debug logging for framework flow synch
- CVE-2020-1942Feb 11, 2020affected >= 0.0.1, < 1.12.0-RC1fixed 1.12.0-RC1
In Apache NiFi 0.0.1 to 1.11.0, the flow fingerprint factory generated flow fingerprints which included sensitive property descriptor values. In the event a node attempted to join a cluster and the cluster flow was not inheritable, the flow fingerprint of both the cluster and loc