3 matches found
BIT-NIFI-2023-34468 Apache NiFi: Potential Code Injection with Database Services using H2
The DBCPConnectionPool and HikariCPConnectionPool Controller Services in Apache NiFi 0.0.2 through 1.21.0 allow an authenticated and authorized user to configure a Database URL with the H2 driver that enables custom code execution. The resolution validates the Database URL and rejects H2 JDBC...
Linux Distros Unpatched Vulnerability : CVE-2023-7158
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in MicroPython up to 1.21.0. It has been classified as critical. Affected is the function sliceindices of the file objslice.c. The...
PT-2021-7477 · Numpy +4 · Numpy +4
Name of the Vulnerable Software and Affected Versions: NumPy versions prior to 1.22.0 NumPy versions 1.9.x Description: The issue is related to an incomplete string comparison in the numpy.core component, which allows attackers to trigger slightly incorrect copying by constructing specific string...