VYPR

NiFi Registry

by Apache

Source repositories

CVEs (2)

  • CVE-2022-33140Jun 15, 2022
    risk 0.00cvss epss 0.04

    The optional ShellUserGroupProvider in Apache NiFi 1.10.0 to 1.16.2 and Apache NiFi Registry 0.6.0 to 1.16.2 does not neutralize arguments for group resolution commands, allowing injection of operating system commands on Linux and macOS platforms. The ShellUserGroupProvider is…

  • CVE-2020-9482Apr 28, 2020
    risk 0.00cvss epss 0.03

    If NiFi Registry 0.1.0 to 0.5.0 uses an authentication mechanism other than PKI, when the user clicks Log Out, NiFi Registry invalidates the authentication token on the client side but not on the server side. This permits the user's client-side token to be used for up to 12…