Vulnerabilities > Apache > Nifi > 1.10.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-01 | CVE-2020-9486 | Information Exposure Through Log Files vulnerability in Apache Nifi In Apache NiFi 1.10.0 to 1.11.4, the NiFi stateless execution engine produced log output which included sensitive property values. | 5.0 |
| 2020-10-01 | CVE-2020-13940 | XXE vulnerability in Apache Nifi In Apache NiFi 1.0.0 to 1.11.4, the notification service manager and various policy authorizer and user group provider objects allowed trusted administrators to inadvertently configure a potentially malicious XML file. | 4.3 |
| 2020-02-11 | CVE-2020-1942 | Information Exposure vulnerability in Apache Nifi In Apache NiFi 0.0.1 to 1.11.0, the flow fingerprint factory generated flow fingerprints which included sensitive property descriptor values. | 5.0 |
| 2020-01-28 | CVE-2020-1933 | Cross-site Scripting vulnerability in Apache Nifi A XSS vulnerability was found in Apache NiFi 1.0.0 to 1.10.0. | 4.3 |
| 2020-01-28 | CVE-2020-1928 | Information Exposure Through Log Files vulnerability in Apache Nifi 1.10.0 An information disclosure vulnerability was found in Apache NiFi 1.10.0. | 5.3 |