nifi-socket-utils uses insecure encryption standards. The weakness arises as it continued to allow support of TLS v1.0 and v1.1, when the NiFi UI, API, as well as listening for connections established by processors like ListenHTTP, HandleHttpRequest were protected by mandating TLS v1.2.
github.com/apache/nifi/commit/441781cec50f77d9f1e65093f55bbd614b8c5ec6
github.com/apache/nifi/pull/4263
lists.apache.org/thread.html/r2d9c21f9ec35d66f2bb42f8abe876dabd786166b6284e9a33582c718@%3Ccommits.nifi.apache.org%3E
lists.apache.org/thread.html/re48582efe2ac973f8cff55c8b346825cb491c71935e15ab2d61ef3bf@%3Ccommits.nifi.apache.org%3E
nifi.apache.org/security#CVE-2020-9491