Lucene search

K

CVE-2017-15703

🗓️ 25 Jan 2018 21:00:00Reported by apacheType 
cvelist
 cvelist
🔗 www.cve.org👁 6 Views

Any authenticated user could upload a template containing malicious code causing a denial of service via Java deserialization attack. Fix applied on Apache NiFi 1.4.0 release. Users running prior 1.x release should upgrade

Show more
Related
Affected
Refs
ReporterTitlePublishedViews
Family
OSV
Denial of service via deserialization attack in nifi
25 Oct 201919:42
osv
OSV
CVE-2017-15703
25 Jan 201821:29
osv
Veracode
Java Deserialization
26 Jan 201804:42
veracode
Github Security Blog
Denial of service via deserialization attack in nifi
25 Oct 201919:42
github
CVE
CVE-2017-15703
25 Jan 201821:29
cve
Prion
Deserialization of untrusted data
25 Jan 201821:29
prion
NVD
CVE-2017-15703
25 Jan 201821:29
nvd
[
  {
    "product": "Apache NiFi",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "status": "affected",
        "version": "1.0.0 - 1.3.0"
      }
    ]
  }
]

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
25 Jan 2018 21:00Current
5.2Medium risk
Vulners AI Score5.2
EPSS0.001
6
.json
Report