org.apache.nifi:nifi-standard-processors@1.0.1 vulnerabilities
-
latest version
1.25.0
-
latest non vulnerable version
-
first published
9 years ago
-
latest version published
3 months ago
-
licenses detected
- [0.0.1-incubating,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.apache.nifi:nifi-standard-processors package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
org.apache.nifi:nifi-standard-processors is a powerful, and reliable system to process and distribute data Affected versions of this package are vulnerable to Arbitrary Code Injection when retrieving a driver via remote URI. Permissions are not sufficiently checked when allowing users to reference remote resources. How to fix Arbitrary Code Injection? Upgrade |
[0.0.2-incubating,1.23.0)
|
org.apache.nifi:nifi-standard-processors is a powerful, and reliable system to process and distribute data Affected versions of this package are vulnerable to XML External Entity (XXE) Injection via the How to fix XML External Entity (XXE) Injection? Upgrade |
[,1.15.1)
|
org.apache.nifi:nifi-standard-processors is a system to process and distribute data. Affected versions of this package are vulnerable to Arbitrary Code Execution via the SplitXML processor. An attacker could send a malicious XML file that could cause information disclosure or remote code execution. How to fix XML External Entity (XXE) Injection? Upgrade |
[,1.6.0)
|