Maven package
org.apache.nifi/nifi-hikari-dbcp-service
pkg:maven/org.apache.nifi/nifi-hikari-dbcp-service
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-36542 | — | >= 0.0.2, < 1.23.0 | 1.23.0 | Jul 29, 2023 | Apache NiFi 0.0.2 through 1.22.0 include Processors and Controller Services that support HTTP URL references for retrieving drivers, which allows an authenticated and authorized user to configure a location that enables custom code execution. The resolution introduces a new Requi | ||
| CVE-2023-34468 | — | >= 0.0.2, < 1.22.0 | 1.22.0 | Jun 12, 2023 | The DBCPConnectionPool and HikariCPConnectionPool Controller Services in Apache NiFi 0.0.2 through 1.21.0 allow an authenticated and authorized user to configure a Database URL with the H2 driver that enables custom code execution. The resolution validates the Database URL and r |
- CVE-2023-36542Jul 29, 2023affected >= 0.0.2, < 1.23.0fixed 1.23.0
Apache NiFi 0.0.2 through 1.22.0 include Processors and Controller Services that support HTTP URL references for retrieving drivers, which allows an authenticated and authorized user to configure a location that enables custom code execution. The resolution introduces a new Requi
- CVE-2023-34468Jun 12, 2023affected >= 0.0.2, < 1.22.0fixed 1.22.0
The DBCPConnectionPool and HikariCPConnectionPool Controller Services in Apache NiFi 0.0.2 through 1.21.0 allow an authenticated and authorized user to configure a Database URL with the H2 driver that enables custom code execution. The resolution validates the Database URL and r