Search for packages
| purl | pkg:maven/org.apache.nifi/nifi-framework-core@1.6.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-zm6p-jqw1-zfdp
Aliases: CVE-2020-1942 GHSA-7q8g-gpfp-v8gx |
Insertion of Sensitive Information into Log File In Apache NiFi 0.0.1 to 1.11.0, the flow fingerprint factory generated flow fingerprints which included sensitive property descriptor values. In the event a node attempted to join a cluster and the cluster flow was not inheritable, the flow fingerprint of both the cluster and local flow was printed, potentially containing sensitive values in plaintext. |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T21:00:29.961346+00:00 | GitLab Importer | Affected by | VCID-zm6p-jqw1-zfdp | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.nifi/nifi-framework-core/CVE-2020-1942.yml | 38.4.0 |
| 2026-04-11T22:11:45.203015+00:00 | GitLab Importer | Affected by | VCID-zm6p-jqw1-zfdp | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.nifi/nifi-framework-core/CVE-2020-1942.yml | 38.3.0 |
| 2026-04-02T22:24:14.521988+00:00 | GitLab Importer | Affected by | VCID-zm6p-jqw1-zfdp | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.nifi/nifi-framework-core/CVE-2020-1942.yml | 38.1.0 |
| 2026-04-01T16:42:04.431035+00:00 | GitLab Importer | Affected by | VCID-zm6p-jqw1-zfdp | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.nifi/nifi-framework-core/CVE-2020-1942.yml | 38.0.0 |