CVE-2021-44145 is a vulnerability in Apache NiFi
Published on December 17, 2021

Apache NiFi information disclosure by XXE
In the TransformXML processor of Apache NiFi before 1.15.1 an authenticated user could configure an XSLT file which, if it included malicious external entity calls, may reveal sensitive information.

NVD

Products Associated with CVE-2021-44145

Want to know whenever a new CVE is published for Apache NiFi? stack.watch will email you.

Apache NiFi

Affected Versions

Apache Software Foundation Apache NiFi:

Version Apache NiFi, <= 1.15.0 is affected.

Exploit Probability

EPSS

0.32%

Percentile

54.21%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-44145 is a vulnerability in Apache NiFiPublished on December 17, 2021

Products Associated with CVE-2021-44145

Affected Versions

Exploit Probability

CVE-2021-44145 is a vulnerability in Apache NiFi
Published on December 17, 2021