Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.nifi/nifi-standard-processors@0.0.1-incubating
Typemaven
Namespaceorg.apache.nifi
Namenifi-standard-processors
Version0.0.1-incubating
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.23.0
Latest_non_vulnerable_version1.23.0
Affected_by_vulnerabilities
0
url VCID-gg7c-f154-5bge
vulnerability_id VCID-gg7c-f154-5bge
summary Apache NiFi External XML Entity issue in SplitXML processor. Malicious XML content could cause information disclosure or remote code execution. The fix to disable external general entity parsing and disallow doctype declarations was applied on the Apache NiFi 1.6.0 release. Users running a prior 1.x release should upgrade to the appropriate release.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1309
reference_id
reference_type
scores
0
value 0.03674
scoring_system epss
scoring_elements 0.87913
published_at 2026-04-13T12:55:00Z
1
value 0.03674
scoring_system epss
scoring_elements 0.87925
published_at 2026-04-21T12:55:00Z
2
value 0.03674
scoring_system epss
scoring_elements 0.87854
published_at 2026-04-01T12:55:00Z
3
value 0.03674
scoring_system epss
scoring_elements 0.87926
published_at 2026-04-18T12:55:00Z
4
value 0.03674
scoring_system epss
scoring_elements 0.87864
published_at 2026-04-02T12:55:00Z
5
value 0.03674
scoring_system epss
scoring_elements 0.87877
published_at 2026-04-04T12:55:00Z
6
value 0.03674
scoring_system epss
scoring_elements 0.87881
published_at 2026-04-07T12:55:00Z
7
value 0.03674
scoring_system epss
scoring_elements 0.87903
published_at 2026-04-08T12:55:00Z
8
value 0.03674
scoring_system epss
scoring_elements 0.87909
published_at 2026-04-09T12:55:00Z
9
value 0.03674
scoring_system epss
scoring_elements 0.8792
published_at 2026-04-11T12:55:00Z
10
value 0.03674
scoring_system epss
scoring_elements 0.87927
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1309
1
reference_url https://github.com/apache/nifi
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/nifi
2
reference_url https://github.com/apache/nifi/commit/28067a29fd13cdf8e21b440fc65c6dd67872522f
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/nifi/commit/28067a29fd13cdf8e21b440fc65c6dd67872522f
3
reference_url https://issues.apache.org/jira/browse/NIFI-4869
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/NIFI-4869
4
reference_url https://nifi.apache.org/security.html#CVE-2018-1309
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nifi.apache.org/security.html#CVE-2018-1309
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:nifi:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:nifi:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:nifi:*:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1309
reference_id CVE-2018-1309
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1309
7
reference_url https://github.com/advisories/GHSA-42wx-65g4-5cxv
reference_id GHSA-42wx-65g4-5cxv
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-42wx-65g4-5cxv
fixed_packages
0
url pkg:maven/org.apache.nifi/nifi-standard-processors@1.6.0
purl pkg:maven/org.apache.nifi/nifi-standard-processors@1.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-rv8f-q4a4-xqbk
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi-standard-processors@1.6.0
aliases CVE-2018-1309, GHSA-42wx-65g4-5cxv
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gg7c-f154-5bge
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi-standard-processors@0.0.1-incubating