VYPR

Maven package

org.apache.nifi/nifi-web-security

pkg:maven/org.apache.nifi/nifi-web-security

Vulnerabilities (1)

  • CVE-2019-12421Nov 19, 2019
    affected >= 1.3.0, < 1.10.0fixed 1.10.0

    When using an authentication mechanism other than PKI, when the user clicks Log Out in NiFi versions 1.0.0 to 1.9.2, NiFi invalidates the authentication token on the client side but not on the server side. This permits the user's client-side token to be used for up to 12 hours af