Apache Nifi Minifi C
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Apache Nifi Minifi C.
By the Year
In 2025 there have been 0 vulnerabilities in Apache Nifi Minifi C. Nifi Minifi C did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 1 | 5.90 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 9.80 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Nifi Minifi C vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Apache Nifi Minifi C Security Vulnerabilities
Incorrect certificate validation in InvokeHTTP on Apache NiFi MiNiFi C++ versions 0.13 to 0.14
CVE-2023-41180
5.9 - Medium
- September 03, 2023
Incorrect certificate validation in InvokeHTTP on Apache NiFi MiNiFi C++ versions 0.13 to 0.14 allows an intermediary to present a forged certificate during TLS handshake negotation. The Disable Peer Verification property of InvokeHTTP was effectively flipped, disabling verification by default, when using HTTPS. Mitigation: Set the Disable Peer Verification property of InvokeHTTP to true when using MiNiFi C++ versions 0.13.0 or 0.14.0. Upgrading to MiNiFi C++ 0.15.0 corrects the default behavior.
Improper Certificate Validation
From Apache NiFi MiNiFi C++ version 0.5.0 the c2 protocol implements an "agent-update" command
CVE-2021-33191
9.8 - Critical
- August 24, 2021
From Apache NiFi MiNiFi C++ version 0.5.0 the c2 protocol implements an "agent-update" command which was designed to patch the application binary. This "patching" command defaults to calling a trusted binary, but might be modified to an arbitrary value through a "c2-update" command. Said command is then executed using the same privileges as the application binary. This was addressed in version 0.10.0
Shell injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Apache Nifi Minifi C or by Apache? Click the Watch button to subscribe.
