Lucene search
+L

5 matches found

vulnersOsv
vulnersOsv
added 2023/07/29 9:30 a.m.3 views

org.apache.nifi.minifi:minifi-assembly (=1.22.0), org.apache.nifi:nifi-dbcp-service-nar (>=1.16.0 <=1.22.0) +1 more potentially affected by CVE-2023-36542 via org.apache.nifi:nifi-hikari-dbcp-service (>=1.16.0 <=1.22.0)

org.apache.nifi:nifi-hikari-dbcp-service MAVEN version =1.16.0, =1.16.0, =1.16.0, =1.18.0 Source cves: CVE-2023-36542 Source advisory: OSV:GHSA-R969-8V3H-23V9...

8.8CVSS7.2AI score0.0199EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/07/29 9:30 a.m.6 views

org.apache.nifi:nifi-jms-processors-nar (>=0.6.0 <=1.22.0) potentially affected by CVE-2023-36542 via org.apache.nifi:nifi-jms-processors (>=0.6.0 <=1.22.0)

org.apache.nifi:nifi-jms-processors MAVEN version =0.6.0, =0.6.0, =1.22.0 Source cves: CVE-2023-36542 Source advisory: OSV:GHSA-R969-8V3H-23V9...

8.8CVSS7.2AI score0.0199EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/07/29 9:30 a.m.6 views

org.apache.nifi:nifi-hadoop-dbcp-service-nar (>=1.12.0 <=1.22.0) potentially affected by CVE-2023-36542 via org.apache.nifi:nifi-hadoop-dbcp-service (>=1.12.0 <=1.22.0)

org.apache.nifi:nifi-hadoop-dbcp-service MAVEN version =1.12.0, =1.12.0, =1.22.0 Source cves: CVE-2023-36542 Source advisory: OSV:GHSA-R969-8V3H-23V9...

8.8CVSS7.2AI score0.0199EPSS
Exploits0
CVE
CVE
added 2023/07/29 7:12 a.m.113 views

CVE-2023-36542

Summary of CVE-2023-36542 (Apache NiFi) : NiFi versions 0.0.2 through 1.22.0 include Processors and Controller Services that support HTTP URL references for retrieving drivers, which can enable a privileged user to configure a location that allows custom code execution. The root cause involves re...

8.8CVSS8.8AI score0.0199EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2023/07/29 7:12 a.m.60 views

CVE-2023-36542 Apache NiFi: Potential Code Injection with Properties Referencing Remote Resources

Apache NiFi 0.0.2 through 1.22.0 include Processors and Controller Services that support HTTP URL references for retrieving drivers, which allows an authenticated and authorized user to configure a location that enables custom code execution. The resolution introduces a new Required Permission fo...

9AI score0.0199EPSS
Exploits0References4
Rows per page
Query Builder