Количество 2
Количество 2
CVE-2017-12632
A malicious host header in an incoming HTTP request could cause NiFi to load resources from an external server. The fix to sanitize host headers and compare to a controlled whitelist was applied on the Apache NiFi 1.5.0 release. Users running a prior 1.x release should upgrade to the appropriate release.
GHSA-w4x6-j349-9r57
Apache NiFi host header poisoning issue
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2017-12632 A malicious host header in an incoming HTTP request could cause NiFi to load resources from an external server. The fix to sanitize host headers and compare to a controlled whitelist was applied on the Apache NiFi 1.5.0 release. Users running a prior 1.x release should upgrade to the appropriate release. | CVSS3: 7.5 | 0% Низкий | около 8 лет назад |
| GHSA-w4x6-j349-9r57 Apache NiFi host header poisoning issue | CVSS3: 7.5 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу