Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-2ema-4jrp-3kfr
Summary
Inadequate Encryption Strength in Apache NiFi
In Apache NiFi 1.2.0 to 1.11.4, the NiFi UI and API were protected by mandating TLS v1.2, as well as listening connections established by processors like ListenHTTP, HandleHttpRequest, etc. However intracluster communication such as cluster request replication, Site-to-Site, and load balanced queues continued to support TLS v1.0 or v1.1.
Aliases
0
alias CVE-2020-9491
1
alias GHSA-rfmp-jvr7-hx78
Fixed_packages
0
url pkg:maven/org.apache.nifi/nifi@1.12.0
purl pkg:maven/org.apache.nifi/nifi@1.12.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3eka-p4cs-f3dz
1
vulnerability VCID-4uja-72yx-6qdc
2
vulnerability VCID-bpqd-tx8f-kycf
3
vulnerability VCID-ec58-s3nd-7yaz
4
vulnerability VCID-g74u-zmqj-gyb7
5
vulnerability VCID-hy35-v2p5-2ycq
6
vulnerability VCID-rn4r-36ab-sfey
7
vulnerability VCID-rv8f-q4a4-xqbk
8
vulnerability VCID-xhjy-xmhq-abh7
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.12.0
Affected_packages
0
url pkg:maven/org.apache.nifi/nifi@1.0.0
purl pkg:maven/org.apache.nifi/nifi@1.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1hne-dn7f-4yfy
1
vulnerability VCID-2dsr-hras-zudk
2
vulnerability VCID-2ema-4jrp-3kfr
3
vulnerability VCID-3eka-p4cs-f3dz
4
vulnerability VCID-3rp1-pc25-euhm
5
vulnerability VCID-4fnm-bxv8-vqhz
6
vulnerability VCID-6mt2-4tn4-5bcb
7
vulnerability VCID-bppj-knks-jybe
8
vulnerability VCID-bpqd-tx8f-kycf
9
vulnerability VCID-cg2v-phw4-ake2
10
vulnerability VCID-gqjq-sbf1-x7ew
11
vulnerability VCID-hy35-v2p5-2ycq
12
vulnerability VCID-j263-1hyr-t7hn
13
vulnerability VCID-k1bm-1u7b-vybp
14
vulnerability VCID-r9su-47z6-x7cw
15
vulnerability VCID-rj21-6d19-gqbe
16
vulnerability VCID-rjau-hbsn-u3ah
17
vulnerability VCID-rn4r-36ab-sfey
18
vulnerability VCID-rv8f-q4a4-xqbk
19
vulnerability VCID-tnfn-2kzc-rugx
20
vulnerability VCID-w18h-3c8s-s3eq
21
vulnerability VCID-xv8d-3nef-dygg
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.0.0
1
url pkg:maven/org.apache.nifi/nifi@1.0.1
purl pkg:maven/org.apache.nifi/nifi@1.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dsr-hras-zudk
1
vulnerability VCID-2ema-4jrp-3kfr
2
vulnerability VCID-3eka-p4cs-f3dz
3
vulnerability VCID-3rp1-pc25-euhm
4
vulnerability VCID-4fnm-bxv8-vqhz
5
vulnerability VCID-6mt2-4tn4-5bcb
6
vulnerability VCID-bppj-knks-jybe
7
vulnerability VCID-bpqd-tx8f-kycf
8
vulnerability VCID-gqjq-sbf1-x7ew
9
vulnerability VCID-hy35-v2p5-2ycq
10
vulnerability VCID-j263-1hyr-t7hn
11
vulnerability VCID-k1bm-1u7b-vybp
12
vulnerability VCID-r9su-47z6-x7cw
13
vulnerability VCID-rj21-6d19-gqbe
14
vulnerability VCID-rjau-hbsn-u3ah
15
vulnerability VCID-rn4r-36ab-sfey
16
vulnerability VCID-rv8f-q4a4-xqbk
17
vulnerability VCID-tnfn-2kzc-rugx
18
vulnerability VCID-w18h-3c8s-s3eq
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.0.1
2
url pkg:maven/org.apache.nifi/nifi@1.1.0
purl pkg:maven/org.apache.nifi/nifi@1.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1hne-dn7f-4yfy
1
vulnerability VCID-2dsr-hras-zudk
2
vulnerability VCID-2ema-4jrp-3kfr
3
vulnerability VCID-3eka-p4cs-f3dz
4
vulnerability VCID-3rp1-pc25-euhm
5
vulnerability VCID-4fnm-bxv8-vqhz
6
vulnerability VCID-6mt2-4tn4-5bcb
7
vulnerability VCID-bppj-knks-jybe
8
vulnerability VCID-bpqd-tx8f-kycf
9
vulnerability VCID-gqjq-sbf1-x7ew
10
vulnerability VCID-hy35-v2p5-2ycq
11
vulnerability VCID-j263-1hyr-t7hn
12
vulnerability VCID-k1bm-1u7b-vybp
13
vulnerability VCID-r9su-47z6-x7cw
14
vulnerability VCID-rj21-6d19-gqbe
15
vulnerability VCID-rjau-hbsn-u3ah
16
vulnerability VCID-rn4r-36ab-sfey
17
vulnerability VCID-rv8f-q4a4-xqbk
18
vulnerability VCID-tnfn-2kzc-rugx
19
vulnerability VCID-w18h-3c8s-s3eq
20
vulnerability VCID-xv8d-3nef-dygg
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.1.0
3
url pkg:maven/org.apache.nifi/nifi@1.1.1
purl pkg:maven/org.apache.nifi/nifi@1.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1hne-dn7f-4yfy
1
vulnerability VCID-2dsr-hras-zudk
2
vulnerability VCID-2ema-4jrp-3kfr
3
vulnerability VCID-3eka-p4cs-f3dz
4
vulnerability VCID-3rp1-pc25-euhm
5
vulnerability VCID-6mt2-4tn4-5bcb
6
vulnerability VCID-bppj-knks-jybe
7
vulnerability VCID-bpqd-tx8f-kycf
8
vulnerability VCID-gqjq-sbf1-x7ew
9
vulnerability VCID-hy35-v2p5-2ycq
10
vulnerability VCID-j263-1hyr-t7hn
11
vulnerability VCID-k1bm-1u7b-vybp
12
vulnerability VCID-r9su-47z6-x7cw
13
vulnerability VCID-rj21-6d19-gqbe
14
vulnerability VCID-rjau-hbsn-u3ah
15
vulnerability VCID-rn4r-36ab-sfey
16
vulnerability VCID-rv8f-q4a4-xqbk
17
vulnerability VCID-tnfn-2kzc-rugx
18
vulnerability VCID-w18h-3c8s-s3eq
19
vulnerability VCID-xv8d-3nef-dygg
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.1.1
4
url pkg:maven/org.apache.nifi/nifi@1.1.2
purl pkg:maven/org.apache.nifi/nifi@1.1.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dsr-hras-zudk
1
vulnerability VCID-2ema-4jrp-3kfr
2
vulnerability VCID-3eka-p4cs-f3dz
3
vulnerability VCID-3rp1-pc25-euhm
4
vulnerability VCID-6mt2-4tn4-5bcb
5
vulnerability VCID-bppj-knks-jybe
6
vulnerability VCID-bpqd-tx8f-kycf
7
vulnerability VCID-gqjq-sbf1-x7ew
8
vulnerability VCID-hy35-v2p5-2ycq
9
vulnerability VCID-j263-1hyr-t7hn
10
vulnerability VCID-k1bm-1u7b-vybp
11
vulnerability VCID-r9su-47z6-x7cw
12
vulnerability VCID-rj21-6d19-gqbe
13
vulnerability VCID-rjau-hbsn-u3ah
14
vulnerability VCID-rn4r-36ab-sfey
15
vulnerability VCID-rv8f-q4a4-xqbk
16
vulnerability VCID-tnfn-2kzc-rugx
17
vulnerability VCID-w18h-3c8s-s3eq
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.1.2
5
url pkg:maven/org.apache.nifi/nifi@1.2.0
purl pkg:maven/org.apache.nifi/nifi@1.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dsr-hras-zudk
1
vulnerability VCID-2ema-4jrp-3kfr
2
vulnerability VCID-3eka-p4cs-f3dz
3
vulnerability VCID-3rp1-pc25-euhm
4
vulnerability VCID-6mt2-4tn4-5bcb
5
vulnerability VCID-bppj-knks-jybe
6
vulnerability VCID-bpqd-tx8f-kycf
7
vulnerability VCID-g74u-zmqj-gyb7
8
vulnerability VCID-gqjq-sbf1-x7ew
9
vulnerability VCID-hy35-v2p5-2ycq
10
vulnerability VCID-j263-1hyr-t7hn
11
vulnerability VCID-k1bm-1u7b-vybp
12
vulnerability VCID-r9su-47z6-x7cw
13
vulnerability VCID-rj21-6d19-gqbe
14
vulnerability VCID-rjau-hbsn-u3ah
15
vulnerability VCID-rn4r-36ab-sfey
16
vulnerability VCID-rv8f-q4a4-xqbk
17
vulnerability VCID-tnfn-2kzc-rugx
18
vulnerability VCID-w18h-3c8s-s3eq
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.2.0
6
url pkg:maven/org.apache.nifi/nifi@1.3.0
purl pkg:maven/org.apache.nifi/nifi@1.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dsr-hras-zudk
1
vulnerability VCID-2ema-4jrp-3kfr
2
vulnerability VCID-3eka-p4cs-f3dz
3
vulnerability VCID-3rp1-pc25-euhm
4
vulnerability VCID-4v3d-ugqf-uyag
5
vulnerability VCID-6mt2-4tn4-5bcb
6
vulnerability VCID-bppj-knks-jybe
7
vulnerability VCID-bpqd-tx8f-kycf
8
vulnerability VCID-g74u-zmqj-gyb7
9
vulnerability VCID-gqjq-sbf1-x7ew
10
vulnerability VCID-hy35-v2p5-2ycq
11
vulnerability VCID-j263-1hyr-t7hn
12
vulnerability VCID-k1bm-1u7b-vybp
13
vulnerability VCID-rj21-6d19-gqbe
14
vulnerability VCID-rjau-hbsn-u3ah
15
vulnerability VCID-rn4r-36ab-sfey
16
vulnerability VCID-rv8f-q4a4-xqbk
17
vulnerability VCID-w18h-3c8s-s3eq
18
vulnerability VCID-yrgr-3cv3-b3ff
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.3.0
7
url pkg:maven/org.apache.nifi/nifi@1.4.0
purl pkg:maven/org.apache.nifi/nifi@1.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dsr-hras-zudk
1
vulnerability VCID-2ema-4jrp-3kfr
2
vulnerability VCID-3eka-p4cs-f3dz
3
vulnerability VCID-4v3d-ugqf-uyag
4
vulnerability VCID-6mt2-4tn4-5bcb
5
vulnerability VCID-bppj-knks-jybe
6
vulnerability VCID-bpqd-tx8f-kycf
7
vulnerability VCID-g74u-zmqj-gyb7
8
vulnerability VCID-gqjq-sbf1-x7ew
9
vulnerability VCID-hy35-v2p5-2ycq
10
vulnerability VCID-j263-1hyr-t7hn
11
vulnerability VCID-k1bm-1u7b-vybp
12
vulnerability VCID-rj21-6d19-gqbe
13
vulnerability VCID-rjau-hbsn-u3ah
14
vulnerability VCID-rn4r-36ab-sfey
15
vulnerability VCID-rv8f-q4a4-xqbk
16
vulnerability VCID-w18h-3c8s-s3eq
17
vulnerability VCID-yrgr-3cv3-b3ff
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.4.0
8
url pkg:maven/org.apache.nifi/nifi@1.5.0
purl pkg:maven/org.apache.nifi/nifi@1.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dsr-hras-zudk
1
vulnerability VCID-2ema-4jrp-3kfr
2
vulnerability VCID-3eka-p4cs-f3dz
3
vulnerability VCID-4v3d-ugqf-uyag
4
vulnerability VCID-6mt2-4tn4-5bcb
5
vulnerability VCID-bppj-knks-jybe
6
vulnerability VCID-bpqd-tx8f-kycf
7
vulnerability VCID-g74u-zmqj-gyb7
8
vulnerability VCID-gqjq-sbf1-x7ew
9
vulnerability VCID-hy35-v2p5-2ycq
10
vulnerability VCID-j263-1hyr-t7hn
11
vulnerability VCID-rj21-6d19-gqbe
12
vulnerability VCID-rn4r-36ab-sfey
13
vulnerability VCID-rv8f-q4a4-xqbk
14
vulnerability VCID-yrgr-3cv3-b3ff
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.5.0
9
url pkg:maven/org.apache.nifi/nifi@1.6.0
purl pkg:maven/org.apache.nifi/nifi@1.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dsr-hras-zudk
1
vulnerability VCID-2ema-4jrp-3kfr
2
vulnerability VCID-3eka-p4cs-f3dz
3
vulnerability VCID-4v3d-ugqf-uyag
4
vulnerability VCID-6mt2-4tn4-5bcb
5
vulnerability VCID-bppj-knks-jybe
6
vulnerability VCID-bpqd-tx8f-kycf
7
vulnerability VCID-g74u-zmqj-gyb7
8
vulnerability VCID-gqjq-sbf1-x7ew
9
vulnerability VCID-hy35-v2p5-2ycq
10
vulnerability VCID-rj21-6d19-gqbe
11
vulnerability VCID-rn4r-36ab-sfey
12
vulnerability VCID-rv8f-q4a4-xqbk
13
vulnerability VCID-yrgr-3cv3-b3ff
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.6.0
10
url pkg:maven/org.apache.nifi/nifi@1.7.0
purl pkg:maven/org.apache.nifi/nifi@1.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dsr-hras-zudk
1
vulnerability VCID-2ema-4jrp-3kfr
2
vulnerability VCID-3eka-p4cs-f3dz
3
vulnerability VCID-4v3d-ugqf-uyag
4
vulnerability VCID-6mt2-4tn4-5bcb
5
vulnerability VCID-bppj-knks-jybe
6
vulnerability VCID-bpqd-tx8f-kycf
7
vulnerability VCID-ec58-s3nd-7yaz
8
vulnerability VCID-g74u-zmqj-gyb7
9
vulnerability VCID-gqjq-sbf1-x7ew
10
vulnerability VCID-hy35-v2p5-2ycq
11
vulnerability VCID-rn4r-36ab-sfey
12
vulnerability VCID-rv8f-q4a4-xqbk
13
vulnerability VCID-yrgr-3cv3-b3ff
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.7.0
11
url pkg:maven/org.apache.nifi/nifi@1.7.1
purl pkg:maven/org.apache.nifi/nifi@1.7.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dsr-hras-zudk
1
vulnerability VCID-2ema-4jrp-3kfr
2
vulnerability VCID-3eka-p4cs-f3dz
3
vulnerability VCID-4v3d-ugqf-uyag
4
vulnerability VCID-6mt2-4tn4-5bcb
5
vulnerability VCID-bppj-knks-jybe
6
vulnerability VCID-bpqd-tx8f-kycf
7
vulnerability VCID-ec58-s3nd-7yaz
8
vulnerability VCID-g74u-zmqj-gyb7
9
vulnerability VCID-gqjq-sbf1-x7ew
10
vulnerability VCID-hy35-v2p5-2ycq
11
vulnerability VCID-rn4r-36ab-sfey
12
vulnerability VCID-rv8f-q4a4-xqbk
13
vulnerability VCID-yrgr-3cv3-b3ff
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.7.1
12
url pkg:maven/org.apache.nifi/nifi@1.8.0
purl pkg:maven/org.apache.nifi/nifi@1.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ema-4jrp-3kfr
1
vulnerability VCID-3eka-p4cs-f3dz
2
vulnerability VCID-4uja-72yx-6qdc
3
vulnerability VCID-4v3d-ugqf-uyag
4
vulnerability VCID-bppj-knks-jybe
5
vulnerability VCID-bpqd-tx8f-kycf
6
vulnerability VCID-ec58-s3nd-7yaz
7
vulnerability VCID-g74u-zmqj-gyb7
8
vulnerability VCID-gqjq-sbf1-x7ew
9
vulnerability VCID-hy35-v2p5-2ycq
10
vulnerability VCID-rn4r-36ab-sfey
11
vulnerability VCID-rv8f-q4a4-xqbk
12
vulnerability VCID-yrgr-3cv3-b3ff
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.8.0
13
url pkg:maven/org.apache.nifi/nifi@1.9.0
purl pkg:maven/org.apache.nifi/nifi@1.9.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ema-4jrp-3kfr
1
vulnerability VCID-3eka-p4cs-f3dz
2
vulnerability VCID-4uja-72yx-6qdc
3
vulnerability VCID-4v3d-ugqf-uyag
4
vulnerability VCID-bppj-knks-jybe
5
vulnerability VCID-bpqd-tx8f-kycf
6
vulnerability VCID-ec58-s3nd-7yaz
7
vulnerability VCID-g74u-zmqj-gyb7
8
vulnerability VCID-gqjq-sbf1-x7ew
9
vulnerability VCID-hy35-v2p5-2ycq
10
vulnerability VCID-rn4r-36ab-sfey
11
vulnerability VCID-rv8f-q4a4-xqbk
12
vulnerability VCID-yrgr-3cv3-b3ff
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.9.0
14
url pkg:maven/org.apache.nifi/nifi@1.9.1
purl pkg:maven/org.apache.nifi/nifi@1.9.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ema-4jrp-3kfr
1
vulnerability VCID-3eka-p4cs-f3dz
2
vulnerability VCID-4uja-72yx-6qdc
3
vulnerability VCID-4v3d-ugqf-uyag
4
vulnerability VCID-bppj-knks-jybe
5
vulnerability VCID-bpqd-tx8f-kycf
6
vulnerability VCID-ec58-s3nd-7yaz
7
vulnerability VCID-g74u-zmqj-gyb7
8
vulnerability VCID-gqjq-sbf1-x7ew
9
vulnerability VCID-hy35-v2p5-2ycq
10
vulnerability VCID-rn4r-36ab-sfey
11
vulnerability VCID-rv8f-q4a4-xqbk
12
vulnerability VCID-yrgr-3cv3-b3ff
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.9.1
15
url pkg:maven/org.apache.nifi/nifi@1.9.2
purl pkg:maven/org.apache.nifi/nifi@1.9.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ema-4jrp-3kfr
1
vulnerability VCID-3eka-p4cs-f3dz
2
vulnerability VCID-4uja-72yx-6qdc
3
vulnerability VCID-4v3d-ugqf-uyag
4
vulnerability VCID-bppj-knks-jybe
5
vulnerability VCID-bpqd-tx8f-kycf
6
vulnerability VCID-ec58-s3nd-7yaz
7
vulnerability VCID-g74u-zmqj-gyb7
8
vulnerability VCID-gqjq-sbf1-x7ew
9
vulnerability VCID-hy35-v2p5-2ycq
10
vulnerability VCID-rn4r-36ab-sfey
11
vulnerability VCID-rv8f-q4a4-xqbk
12
vulnerability VCID-yrgr-3cv3-b3ff
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.9.2
16
url pkg:maven/org.apache.nifi/nifi@1.10.0
purl pkg:maven/org.apache.nifi/nifi@1.10.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ema-4jrp-3kfr
1
vulnerability VCID-3eka-p4cs-f3dz
2
vulnerability VCID-4uja-72yx-6qdc
3
vulnerability VCID-bppj-knks-jybe
4
vulnerability VCID-bpqd-tx8f-kycf
5
vulnerability VCID-ec58-s3nd-7yaz
6
vulnerability VCID-g74u-zmqj-gyb7
7
vulnerability VCID-gqjq-sbf1-x7ew
8
vulnerability VCID-hy35-v2p5-2ycq
9
vulnerability VCID-rn4r-36ab-sfey
10
vulnerability VCID-rv8f-q4a4-xqbk
11
vulnerability VCID-xhjy-xmhq-abh7
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.10.0
17
url pkg:maven/org.apache.nifi/nifi@1.11.0
purl pkg:maven/org.apache.nifi/nifi@1.11.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ema-4jrp-3kfr
1
vulnerability VCID-3eka-p4cs-f3dz
2
vulnerability VCID-4uja-72yx-6qdc
3
vulnerability VCID-bppj-knks-jybe
4
vulnerability VCID-bpqd-tx8f-kycf
5
vulnerability VCID-ec58-s3nd-7yaz
6
vulnerability VCID-g74u-zmqj-gyb7
7
vulnerability VCID-hy35-v2p5-2ycq
8
vulnerability VCID-rn4r-36ab-sfey
9
vulnerability VCID-rv8f-q4a4-xqbk
10
vulnerability VCID-xhjy-xmhq-abh7
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.11.0
18
url pkg:maven/org.apache.nifi/nifi@1.11.1
purl pkg:maven/org.apache.nifi/nifi@1.11.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ema-4jrp-3kfr
1
vulnerability VCID-3eka-p4cs-f3dz
2
vulnerability VCID-4uja-72yx-6qdc
3
vulnerability VCID-bppj-knks-jybe
4
vulnerability VCID-bpqd-tx8f-kycf
5
vulnerability VCID-ec58-s3nd-7yaz
6
vulnerability VCID-g74u-zmqj-gyb7
7
vulnerability VCID-hy35-v2p5-2ycq
8
vulnerability VCID-rn4r-36ab-sfey
9
vulnerability VCID-rv8f-q4a4-xqbk
10
vulnerability VCID-xhjy-xmhq-abh7
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.11.1
19
url pkg:maven/org.apache.nifi/nifi@1.11.2
purl pkg:maven/org.apache.nifi/nifi@1.11.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ema-4jrp-3kfr
1
vulnerability VCID-3eka-p4cs-f3dz
2
vulnerability VCID-4uja-72yx-6qdc
3
vulnerability VCID-bppj-knks-jybe
4
vulnerability VCID-bpqd-tx8f-kycf
5
vulnerability VCID-ec58-s3nd-7yaz
6
vulnerability VCID-g74u-zmqj-gyb7
7
vulnerability VCID-hy35-v2p5-2ycq
8
vulnerability VCID-rn4r-36ab-sfey
9
vulnerability VCID-rv8f-q4a4-xqbk
10
vulnerability VCID-xhjy-xmhq-abh7
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.11.2
20
url pkg:maven/org.apache.nifi/nifi@1.11.3
purl pkg:maven/org.apache.nifi/nifi@1.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ema-4jrp-3kfr
1
vulnerability VCID-3eka-p4cs-f3dz
2
vulnerability VCID-4uja-72yx-6qdc
3
vulnerability VCID-bppj-knks-jybe
4
vulnerability VCID-bpqd-tx8f-kycf
5
vulnerability VCID-ec58-s3nd-7yaz
6
vulnerability VCID-g74u-zmqj-gyb7
7
vulnerability VCID-hy35-v2p5-2ycq
8
vulnerability VCID-rn4r-36ab-sfey
9
vulnerability VCID-rv8f-q4a4-xqbk
10
vulnerability VCID-xhjy-xmhq-abh7
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.11.3
21
url pkg:maven/org.apache.nifi/nifi@1.11.4
purl pkg:maven/org.apache.nifi/nifi@1.11.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ema-4jrp-3kfr
1
vulnerability VCID-3eka-p4cs-f3dz
2
vulnerability VCID-4uja-72yx-6qdc
3
vulnerability VCID-bppj-knks-jybe
4
vulnerability VCID-bpqd-tx8f-kycf
5
vulnerability VCID-cg2v-phw4-ake2
6
vulnerability VCID-ec58-s3nd-7yaz
7
vulnerability VCID-g74u-zmqj-gyb7
8
vulnerability VCID-hy35-v2p5-2ycq
9
vulnerability VCID-rn4r-36ab-sfey
10
vulnerability VCID-rv8f-q4a4-xqbk
11
vulnerability VCID-xhjy-xmhq-abh7
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.nifi/nifi@1.11.4
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-9491
reference_id
reference_type
scores
0
value 0.0132
scoring_system epss
scoring_elements 0.79823
published_at 2026-04-01T12:55:00Z
1
value 0.0132
scoring_system epss
scoring_elements 0.79905
published_at 2026-04-21T12:55:00Z
2
value 0.0132
scoring_system epss
scoring_elements 0.79902
published_at 2026-04-18T12:55:00Z
3
value 0.0132
scoring_system epss
scoring_elements 0.79901
published_at 2026-04-16T12:55:00Z
4
value 0.0132
scoring_system epss
scoring_elements 0.79872
published_at 2026-04-13T12:55:00Z
5
value 0.0132
scoring_system epss
scoring_elements 0.7988
published_at 2026-04-12T12:55:00Z
6
value 0.0132
scoring_system epss
scoring_elements 0.79897
published_at 2026-04-11T12:55:00Z
7
value 0.0132
scoring_system epss
scoring_elements 0.79876
published_at 2026-04-09T12:55:00Z
8
value 0.0132
scoring_system epss
scoring_elements 0.79868
published_at 2026-04-08T12:55:00Z
9
value 0.0132
scoring_system epss
scoring_elements 0.7984
published_at 2026-04-07T12:55:00Z
10
value 0.0132
scoring_system epss
scoring_elements 0.79852
published_at 2026-04-04T12:55:00Z
11
value 0.0132
scoring_system epss
scoring_elements 0.7983
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-9491
1
reference_url https://github.com/apache/nifi
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/nifi
2
reference_url https://github.com/apache/nifi/commit/441781cec50f77d9f1e65093f55bbd614b8c5ec6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/nifi/commit/441781cec50f77d9f1e65093f55bbd614b8c5ec6
3
reference_url https://lists.apache.org/thread.html/r2d9c21f9ec35d66f2bb42f8abe876dabd786166b6284e9a33582c718@%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r2d9c21f9ec35d66f2bb42f8abe876dabd786166b6284e9a33582c718@%3Ccommits.nifi.apache.org%3E
4
reference_url https://lists.apache.org/thread.html/re48582efe2ac973f8cff55c8b346825cb491c71935e15ab2d61ef3bf@%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/re48582efe2ac973f8cff55c8b346825cb491c71935e15ab2d61ef3bf@%3Ccommits.nifi.apache.org%3E
5
reference_url https://nifi.apache.org/security#CVE-2020-9491
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nifi.apache.org/security#CVE-2020-9491
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-9491
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-9491
7
reference_url https://github.com/advisories/GHSA-rfmp-jvr7-hx78
reference_id GHSA-rfmp-jvr7-hx78
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rfmp-jvr7-hx78
Weaknesses
0
cwe_id 327
name Use of a Broken or Risky Cryptographic Algorithm
description The product uses a broken or risky cryptographic algorithm or protocol.
1
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
2
cwe_id 326
name Inadequate Encryption Strength
description The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.
3
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score7.0 - 8.9
Exploitability0.5
Weighted_severity8.0
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-2ema-4jrp-3kfr