pkg:Bitnami/nifi

共 24 筆 CVEHIGH12MEDIUM10

✅ 檢查你的版本

所有已知漏洞

  • HIGH8.8CVE-2026-39816Apache NiFi: Missing Execute Code Required Permission on TinkerpopClientService
    >= 2.0.0, < 2.9.0
  • HIGH8.8CVE-2023-36542Apache NiFi: Potential Code Injection with Properties Referencing Remote Resources
    >= 0.0.2, <= 1.22.0
  • HIGH8.8CVE-2023-34468Apache NiFi: Potential Code Injection with Database Services using H2
    >= 0.0.2, < 1.22.0
  • HIGH8.8CVE-2022-33140Improper Neutralization of Command Elements in Shell User Group Provider
    >= 1.10.0, <= 1.16.2
  • HIGH8.1CVE-2021-20190Deserialization of untrusted data in jackson-databind
    >= 1.7.0, <= 1.12.1
  • HIGH7.9CVE-2023-49145Apache NiFi: Improper Neutralization of Input in Advanced User Interface for Jolt
    >= 0.7.0, < 1.24.0
  • HIGH7.5CVE-2023-22832Apache NiFi: Improper Restriction of XML External Entity References in ExtractCCDAAttributes
    >= 1.2.0, <= 1.19.1
  • HIGH7.5CVE-2022-29265Improper Restriction of XML External Entity References in Multiple Components
    >= 0.0.1, <= 1.16.0
  • HIGH7.5CVE-2020-9491Inadequate Encryption Strength in Apache NiFi
    >= 1.0.0, <= 1.11.4
  • HIGH7.5CVE-2020-9487Missing Authentication for Critical Function in Apache NiFi
    >= 1.0.0, <= 1.11.4
  • HIGH7.5CVE-2020-9486Insertion of Sensitive Information into Log File in Apache NiFi Stateless
    >= 1.0.0, <= 1.11.4
  • HIGH7.5CVE-2020-1942Insertion of Sensitive Information into Log File in Apache NiFi
    >= 0.0.1, <= 1.11.0
  • MEDIUM6.5CVE-2023-40037Apache NiFi: Incomplete Validation of JDBC and JNDI Connection URLs
    >= 1.21.0, < 1.23.1
  • MEDIUM6.5CVE-2023-34212Apache NiFi: Potential Deserialization of Untrusted Data with JNDI in JMS Components
    >= 1.8.0, <= 1.21.0
  • MEDIUM6.5CVE-2022-26850Insufficiently protected credentials
    >= 1.14.0, < 1.16.0
  • MEDIUM6.5CVE-2021-44145Apache NiFi information disclosure by XXE
    >= 0.1.0, < 1.15.1
  • MEDIUM6.1CVE-2020-1933Cross-site scripting in Apache NiFi
    >= 1.0.0, <= 1.10.0
  • MEDIUM5.5CVE-2020-13940Improper Restriction of XML External Entity Reference in Apache NiFi
    >= 1.0.0, <= 1.11.4
  • MEDIUM5.4CVE-2024-56512Apache NiFi: Missing Complete Authorization for Parameter and Service References
    >= 1.10.0, < 2.1.0
  • MEDIUM5.3CVE-2020-1928Apache NiFi Insertion of Sensitive Information into Log File
    >= 1.10.0, <= 1.10.0
  • MEDIUM5.3CVE-2020-27223DOS vulnerability for Quoted Quality CSV headers
    >= 1.13.0, <= 1.13.0
  • MEDIUM4.6CVE-2024-45477Apache NiFi: Improper Neutralization of Input in Parameter Description
    >= 1.10.0, < 1.28.0
  • CVE-2026-25903Apache NiFi: Missing Authorization of Restricted Permissions for Component Updates
    >= 1.1.0, < 2.8.0
  • CVE-2025-66524Apache NiFi: Deserialization of Untrusted Data in GetAsanaObject Processor
    >= 1.20.0, < 2.7.0