VYPR

Maven package

org.apache.nifi/nifi-hikari-dbcp-service

pkg:maven/org.apache.nifi/nifi-hikari-dbcp-service

Vulnerabilities (2)

  • CVE-2023-36542Jul 29, 2023
    affected >= 0.0.2, < 1.23.0fixed 1.23.0

    Apache NiFi 0.0.2 through 1.22.0 include Processors and Controller Services that support HTTP URL references for retrieving drivers, which allows an authenticated and authorized user to configure a location that enables custom code execution. The resolution introduces a new Requi

  • CVE-2023-34468Jun 12, 2023
    affected >= 0.0.2, < 1.22.0fixed 1.22.0

    The DBCPConnectionPool and HikariCPConnectionPool Controller Services in Apache NiFi 0.0.2 through 1.21.0 allow an authenticated and authorized user to configure a Database URL with the H2 driver that enables custom code execution. The resolution validates the Database URL and r