logo

Database

Non-encrypted confidential information In org.apache.nifi:nifi-standard-processors

Description

Unencrypted passwords A vulnerability found in Apache NIFI before v0.4.0-RC2. Passwords of InvokeHTTP weren?t encrypted.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. GCVE-GHSA-q594-2475-8v9f

References

1. https://github.com/apache/nifi/commit/b4bfcc1f21fed3209bf4a8f187616cdbb3d1a5c9

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.