VYPR

Maven package

org.apache.nifi/nifi-stateless

pkg:maven/org.apache.nifi/nifi-stateless

Vulnerabilities (1)

  • CVE-2020-9486Oct 1, 2020
    affected >= 1.10.0, < 1.12.0-RC1fixed 1.12.0-RC1

    In Apache NiFi 1.10.0 to 1.11.4, the NiFi stateless execution engine produced log output which included sensitive property values. When a flow was triggered, the flow definition configuration JSON was printed, potentially containing sensitive values in plaintext.