VYPR

NiFi MiNiFi C++

by Apache

CVEs (2)

  • CVE-2023-41180Sep 3, 2023
    risk 0.00cvss epss 0.00

    Incorrect certificate validation in InvokeHTTP on Apache NiFi MiNiFi C++ versions 0.13 to 0.14 allows an intermediary to present a forged certificate during TLS handshake negotation. The Disable Peer Verification property of InvokeHTTP was effectively flipped, disabling…

  • CVE-2021-33191Aug 24, 2021
    risk 0.00cvss epss 0.04

    From Apache NiFi MiNiFi C++ version 0.5.0 the c2 protocol implements an "agent-update" command which was designed to patch the application binary. This "patching" command defaults to calling a trusted binary, but might be modified to an arbitrary value through a "c2-update"…