2 matches found
CVE-2019-10083
When updating a Process Group via the API in NiFi versions 1.3.0 to 1.9.2, the response to the request includes all of its contents at the top most level, not recursively. The response included details about processors and controller services which the user may not have had read access to...
Apache NiFi Information Disclosure Vulnerability
Apache NiFi is a data processing and distribution system of the American Apache Apache Software Foundation. The system is primarily used for data routing, transformation and system intermediary logic. An information disclosure vulnerability exists in Apache NiFi versions 1.3.0 through 1.9.2, whic...