org.apache.nifi:nifi-administration (=1.10.0), org.apache.nifi:nifi-authorizer (=1.10.0) +22 more potentially affected by CVE-2020-1928 via org.apache.nifi:nifi-parameter (=1.10.0)

org.apache.nifi:nifi-parameter MAVEN version =1.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.nifi:nifi-parameter and may be impacted: - org.apache.nifi:nifi-administration =1.10.0 - org.apache.nifi:nifi-authorizer =1.10.0 -...

Information Disclosure

nifi-parameter is vulnerable to information disclosure. The parameter parser logs parsed values for debugging purposes. The values can contain confidential information such as usernames and passwords...