3 matches found
CVE-2022-29265
creationtimestamp| type| source ---|---|--- 2022-04-30 12:25:49+00:00| seen| https://t.me/cibsecurity/41691 2024-01-28 01:46:28+00:00| seen| https://t.me/arpsyndicate/3152...
CVE-2022-29265 Improper Restriction of XML External Entity References in Multiple Components
Multiple components in Apache NiFi 0.0.1 to 1.16.0 do not restrict XML External Entity references in the default configuration. The Standard Content Viewer service attempts to resolve XML External Entity references when viewing formatted XML files. The following Processors attempt to resolve XML...
CVE-2022-29265
CVE-2022-29265 (NiFi) affects Apache NiFi 0.0.1–1.16.0, where multiple components do not restrict XML External Entity (XXE) references in the default configuration. The vulnerable processors—EvaluateXPath, EvaluateXQuery, and ValidateXml—can resolve XML entities when default properties are used, ...