Vulnerabilities > Apache > Nifi > 1.12.1

DATE CVE VULNERABILITY TITLE RISK
2021-12-17 CVE-2021-44145 Information Exposure vulnerability in Apache Nifi
In the TransformXML processor of Apache NiFi before 1.15.1 an authenticated user could configure an XSLT file which, if it included malicious external entity calls, may reveal sensitive information.
network
low complexity
apache CWE-200
6.5
2021-01-19 CVE-2021-20190 A flaw was found in jackson-databind before 2.9.10.7.
network
high complexity
fasterxml netapp apache debian oracle
8.1