VYPR

Maven package

org.apache.nifi/nifi-standard-processors

pkg:maven/org.apache.nifi/nifi-standard-processors

Vulnerabilities (2)

  • CVE-2023-36542Jul 29, 2023
    affected >= 0.0.2, < 1.23.0fixed 1.23.0

    Apache NiFi 0.0.2 through 1.22.0 include Processors and Controller Services that support HTTP URL references for retrieving drivers, which allows an authenticated and authorized user to configure a location that enables custom code execution. The resolution introduces a new Requi

  • CVE-2018-1309CriMay 23, 2018
    affected >= 0.1.0, < 1.6.0fixed 1.6.0

    Apache NiFi External XML Entity issue in SplitXML processor. Malicious XML content could cause information disclosure or remote code execution. The fix to disable external general entity parsing and disallow doctype declarations was applied on the Apache NiFi 1.6.0 release. Users