Known vulnerabilities in Apache Foundation Apache Nifi 1.23.2
2.7.2
2.7.1
2.7.0
2.6.0
2.5.0
2.4.0
2.3.0
2.2.0
2.1.0
1.28.1
2.0.0
1.28.0
1.27.0
2.0.0-M4
2.0.0-M3
1.26.0
1.25.0
2.0.0-M2
2.0.0-M1
1.0.0-BETA-official
1.24.0
1.23.2
1.23.1
1.23.0
1.22.0
1.21.0
1.20.0
1.19.1
1.19.0
1.18.0
1.17.0
1.16.3
1.16.2
1.16.1
1.16.0
1.15.3
1.15.2
1.15.1
1.15.0
1.14.0
1.13.0
1.13.1
1.13.2
1.12.1
1.12.0
1.11.4
1.11.3
1.11.2
1.11.1
1.11.0
1.10.0
1.9.2
1.9.1
1.9.0
1.8.0
1.7.1
1.7.0
1.6.0
1.5.0
1.4.0
1.3.0
1.2.0
1.1.0
1.0.0
0.7.0
1.6
1.5
1.4
1.3
1.2
1.1.2
1.1.1
1.1
1.0.1
1.0
0.7.4
0.7.3
0.7.2
0.7.1
0.7
0.6.1
0.6
0.5.1
0.5
0.4.1
0.4
0.3
0.2.1
0.2
0.1
Security bulletins (7)
| Secuity bulletin | Severity | Status | Published |
|---|---|---|---|
| SB2025122302: Remote code execution in Apache NiFi | Medium | 23.12.2025 | |
| SB2025032715: MongoDB credentials disclosure in Apache NiFi | Low | 27.03.2025 | |
| SB2024122803: Missing authorization in Apache NiFi | Low | 28.12.2024 | |
| SB2024112111: Inclusion of sensitive information into log files in Apache NiFi | Low | 21.11.2024 | |
| SB2024102861: Stored XSS in Apache NiFi | Low | 28.10.2024 | |
| SB2024071080: Stored cross-site scripting in Apache Nifi | Low | 10.07.2024 | |
| SB2023112854: Cross-site scripting in Apache NiFi | Low | 28.11.2023 |