Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.nifi/nifi@0.1.0
Typemaven
Namespaceorg.apache.nifi
Namenifi
Version0.1.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.24.0
Latest_non_vulnerable_version1.24.0
Affected_by_vulnerabilities
0
url VCID-rn4r-36ab-sfey
vulnerability_id VCID-rn4r-36ab-sfey
summary 
Exposure of Sensitive Information to an Unauthorized Actor
In the TransformXML processor of Apache NiFi an authenticated user could configure an XSLT file which, if it included malicious external entity calls, may reveal sensitive information.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44145
reference_id
reference_type
scores
0
value 0.00315
scoring_system epss
scoring_elements 0.54599
published_at 2026-04-26T12:55:00Z
1
value 0.00315
scoring_system epss
scoring_elements 0.54633
published_at 2026-04-11T12:55:00Z
2
value 0.00315
scoring_system epss
scoring_elements 0.54616
published_at 2026-04-12T12:55:00Z
3
value 0.00315
scoring_system epss
scoring_elements 0.54595
published_at 2026-04-13T12:55:00Z
4
value 0.00315
scoring_system epss
scoring_elements 0.54632
published_at 2026-04-16T12:55:00Z
5
value 0.00315
scoring_system epss
scoring_elements 0.54634
published_at 2026-04-18T12:55:00Z
6
value 0.00315
scoring_system epss
scoring_elements 0.54612
published_at 2026-04-21T12:55:00Z
7
value 0.00315
scoring_system epss
scoring_elements 0.54582
published_at 2026-04-24T12:55:00Z
8
value 0.00315
scoring_system epss
scoring_elements 0.54509
published_at 2026-04-01T12:55:00Z
9
value 0.00315
scoring_system epss
scoring_elements 0.54581
published_at 2026-04-02T12:55:00Z
10
value 0.00315
scoring_system epss
scoring_elements 0.54605
published_at 2026-04-04T12:55:00Z
11
value 0.00315
scoring_system epss
scoring_elements 0.54574
published_at 2026-04-07T12:55:00Z
12
value 0.00315
scoring_system epss
scoring_elements 0.54625
published_at 2026-04-08T12:55:00Z
13
value 0.00315
scoring_system epss
scoring_elements 0.5462
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44145
1
reference_url https://nifi.apache.org/security.html#1.15.1-vulnerabilities
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nifi.apache.org/security.html#1.15.1-vulnerabilities
2
reference_url http://www.openwall.com/lists/oss-security/2021/12/17/1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/12/17/1
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-44145
reference_id CVE-2021-44145
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-44145
4
reference_url https://github.com/advisories/GHSA-rq96-qhc5-vm4r
reference_id GHSA-rq96-qhc5-vm4r
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rq96-qhc5-vm4r
fixed_packages
0
url pkg:maven/org.apache.nifi/nifi@1.15.1
purl pkg:maven/org.apache.nifi/nifi@1.15.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3eka-p4cs-f3dz
1
vulnerability VCID-4uja-72yx-6qdc
2
vulnerability VCID-bpqd-tx8f-kycf
3
vulnerability VCID-dmw5-6pw6-j3d6
4
vulnerability VCID-g74u-zmqj-gyb7
5
vulnerability VCID-hy35-v2p5-2ycq
6
vulnerability VCID-rv8f-q4a4-xqbk
7
vulnerability VCID-xhjy-xmhq-abh7
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.15.1
aliases CVE-2021-44145, GHSA-rq96-qhc5-vm4r
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rn4r-36ab-sfey
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@0.1.0