Known vulnerabilities in Apache Foundation Apache Nifi 1.16.0
2.7.2
2.7.1
2.7.0
2.6.0
2.5.0
2.4.0
2.3.0
2.2.0
2.1.0
1.28.1
2.0.0
1.28.0
1.27.0
2.0.0-M4
2.0.0-M3
1.26.0
1.25.0
2.0.0-M2
2.0.0-M1
1.0.0-BETA-official
1.24.0
1.23.2
1.23.1
1.23.0
1.22.0
1.21.0
1.20.0
1.19.1
1.19.0
1.18.0
1.17.0
1.16.3
1.16.2
1.16.1
1.16.0
1.15.3
1.15.2
1.15.1
1.15.0
1.14.0
1.13.0
1.13.1
1.13.2
1.12.1
1.12.0
1.11.4
1.11.3
1.11.2
1.11.1
1.11.0
1.10.0
1.9.2
1.9.1
1.9.0
1.8.0
1.7.1
1.7.0
1.6.0
1.5.0
1.4.0
1.3.0
1.2.0
1.1.0
1.0.0
0.7.0
1.6
1.5
1.4
1.3
1.2
1.1.2
1.1.1
1.1
1.0.1
1.0
0.7.4
0.7.3
0.7.2
0.7.1
0.7
0.6.1
0.6
0.5.1
0.5
0.4.1
0.4
0.3
0.2.1
0.2
0.1
Security bulletins (10)
| Secuity bulletin | Severity | Status | Published |
|---|---|---|---|
| SB2025032715: MongoDB credentials disclosure in Apache NiFi | Low | 27.03.2025 | |
| SB2024122803: Missing authorization in Apache NiFi | Low | 28.12.2024 | |
| SB2024112111: Inclusion of sensitive information into log files in Apache NiFi | Low | 21.11.2024 | |
| SB2024102861: Stored XSS in Apache NiFi | Low | 28.10.2024 | |
| SB2024071080: Stored cross-site scripting in Apache Nifi | Low | 10.07.2024 | |
| SB2023112854: Cross-site scripting in Apache NiFi | Low | 28.11.2023 | |
| SB2023080112: Privilege escalation in Apache NiFi | Low | 01.08.2023 | |
| SB2023061353: Multiple vulnerabilities in Apache Nifi | Medium | 13.06.2023 | |
| SB2023021012: XXE in Apache NiFi | High | 10.02.2023 | |
| SB2022061530: OS Command Injection in Apache NiFi | Medium | 15.06.2022 |