Improper Restriction of XML External Entity Reference in Apache NiFi

Apache NiFi External XML Entity issue in SplitXML processor. Malicious XML content could cause information disclosure or remote code execution. The fix to disable external general entity parsing and disallow doctype declarations was applied on the Apache NiFi 1.6.0 release. Users running a prior...

Apache NiFi SplitXML processor code execution vulnerability

Apache NiFi is the United States Apache Apache Software Foundation of a set of data flow-based data processing and distribution system. The system supports the configuration and transformation of data routing indicator maps and system intermediary logic , etc. SplitXML processor is one of the XML...

CVE-2018-1309

Apache NiFi External XML Entity issue in SplitXML processor. Malicious XML content could cause information disclosure or remote code execution. The fix to disable external general entity parsing and disallow doctype declarations was applied on the Apache NiFi 1.6.0 release. Users running a prior...

CVE-2018-1309

Apache NiFi External XML Entity issue in SplitXML processor. Malicious XML content could cause information disclosure or remote code execution. The fix to disable external general entity parsing and disallow doctype declarations was applied on the Apache NiFi 1.6.0 release. Users running a prior...

Information disclosure

Apache NiFi External XML Entity issue in SplitXML processor. Malicious XML content could cause information disclosure or remote code execution. The fix to disable external general entity parsing and disallow doctype declarations was applied on the Apache NiFi 1.6.0 release. Users running a prior...

CVE-2018-1309

Apache NiFi SplitXML processor is affected by an XML External Entity (XXE) vulnerability. Malicious XML content can lead to information disclosure or remote code execution. The issue arises from handling external entities and DOCTYPE processing; mitigation implemented in NiFi 1.6.0 disables exter...