Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.29 views

EUVD-2019-0720

Malware in sbrugna...

5CVSS5.2AI score0.00862EPSS
Exploits0References3
OSV
OSV
added 2018/01/25 9:29 p.m.21 views

CVE-2017-15703

Any authenticated user valid client certificate but without ACL permissions could upload a template which contained malicious code and caused a denial of service via Java deserialization attack. The fix to properly handle Java deserialization was applied on the Apache NiFi 1.4.0 release. Users...

5CVSS5.6AI score0.00862EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/01/25 9:0 p.m.33 views

CVE-2017-15703

Any authenticated user valid client certificate but without ACL permissions could upload a template which contained malicious code and caused a denial of service via Java deserialization attack. The fix to properly handle Java deserialization was applied on the Apache NiFi 1.4.0 release. Users...

5.2AI score0.00862EPSS
Exploits0References1
NVD
NVD
added 2017/10/10 6:29 p.m.26 views

CVE-2017-12623

An authorized user could upload a template which contained malicious code and accessed sensitive files via an XML External Entity XXE attack. The fix to properly handle XML External Entities was applied on the Apache NiFi 1.4.0 release. Users running a prior 1.x release should upgrade to the...

6.5CVSS6.6AI score0.0194EPSS
Exploits3References1
Prion
Prion
added 2017/10/10 6:29 p.m.15 views

Xxe

An authorized user could upload a template which contained malicious code and accessed sensitive files via an XML External Entity XXE attack. The fix to properly handle XML External Entities was applied on the Apache NiFi 1.4.0 release. Users running a prior 1.x release should upgrade to the...

4CVSS6.5AI score0.0194EPSS
Exploits3References1Affected Software1
OSV
OSV
added 2017/10/10 6:29 p.m.28 views

CVE-2017-12623

An authorized user could upload a template which contained malicious code and accessed sensitive files via an XML External Entity XXE attack. The fix to properly handle XML External Entities was applied on the Apache NiFi 1.4.0 release. Users running a prior 1.x release should upgrade to the...

6.5CVSS6.9AI score0.0194EPSS
Exploits3References1
Rows per page
Query Builder