VulnerableCode Package Details - pkg:maven/org.apache.nifi/nifi-single-user-utils@1.16.0

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-g948-a1b1-aaaf	Insufficiently Protected Credentials When creating or updating credentials for single-user access, Apache NiFi wrote a copy of the Login Identity Providers configuration to the operating system temporary directory. On most platforms, the operating system temporary directory has global read permissions. NiFi immediately moved the temporary file to the final configuration directory, which significantly limited the window of opportunity for access. NiFi 1.16.0 includes updates to replace the Login Identity Providers configuration without writing a file to the operating system temporary directory.	CVE-2022-26850 GHSA-rvp4-r3g6-8hxq

Vulnerability

Summary

Aliases

VCID-g948-a1b1-aaaf

Insufficiently Protected Credentials When creating or updating credentials for single-user access, Apache NiFi wrote a copy of the Login Identity Providers configuration to the operating system temporary directory. On most platforms, the operating system temporary directory has global read permissions. NiFi immediately moved the temporary file to the final configuration directory, which significantly limited the window of opportunity for access. NiFi 1.16.0 includes updates to replace the Login Identity Providers configuration without writing a file to the operating system temporary directory.

CVE-2022-26850
GHSA-rvp4-r3g6-8hxq

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-20T15:58:00.802101+00:00	GitLab Importer	Fixing	VCID-g948-a1b1-aaaf	None	36.1.3
2025-06-20T15:57:59.355167+00:00	GitLab Importer	Fixing	VCID-g948-a1b1-aaaf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.nifi/nifi-single-user-utils/CVE-2022-26850.yml	36.1.3
2025-06-03T22:38:38.475684+00:00	GitLab Importer	Fixing	VCID-g948-a1b1-aaaf	None	36.1.0
2025-06-03T22:38:37.306130+00:00	GitLab Importer	Fixing	VCID-g948-a1b1-aaaf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.nifi/nifi-single-user-utils/CVE-2022-26850.yml	36.1.0
2025-06-02T22:27:15.793357+00:00	GitLab Importer	Fixing	VCID-g948-a1b1-aaaf	None	36.1.2
2025-06-02T22:27:14.511282+00:00	GitLab Importer	Fixing	VCID-g948-a1b1-aaaf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.nifi/nifi-single-user-utils/CVE-2022-26850.yml	36.1.2
2025-04-03T20:05:48.810293+00:00	GitLab Importer	Fixing	VCID-g948-a1b1-aaaf	None	36.0.0
2025-04-03T20:05:45.991150+00:00	GitLab Importer	Fixing	VCID-g948-a1b1-aaaf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.nifi/nifi-single-user-utils/CVE-2022-26850.yml	36.0.0
2025-02-18T07:29:45.655141+00:00	GitLab Importer	Fixing	VCID-g948-a1b1-aaaf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.nifi/nifi-single-user-utils/CVE-2022-26850.yml	35.1.0
2025-02-18T07:29:45.572720+00:00	GitLab Importer	Fixing	VCID-g948-a1b1-aaaf	None	35.1.0
2024-11-21T02:59:16.260637+00:00	GitLab Importer	Fixing	VCID-g948-a1b1-aaaf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.nifi/nifi-single-user-utils/CVE-2022-26850.yml	35.0.0
2024-11-19T02:49:14.040614+00:00	GitLab Importer	Fixing	VCID-g948-a1b1-aaaf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.nifi/nifi-single-user-utils/CVE-2022-26850.yml	34.3.2
2024-10-08T03:24:41.673365+00:00	GitLab Importer	Fixing	VCID-g948-a1b1-aaaf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.nifi/nifi-single-user-utils/CVE-2022-26850.yml	34.0.2
2024-10-07T20:24:05.738733+00:00	GHSA Importer	Fixing	VCID-g948-a1b1-aaaf	https://github.com/advisories/GHSA-rvp4-r3g6-8hxq	34.0.2
2024-09-23T03:20:12.071393+00:00	GitLab Importer	Fixing	VCID-g948-a1b1-aaaf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.nifi/nifi-single-user-utils/CVE-2022-26850.yml	34.0.1
2024-09-22T21:05:42.812788+00:00	GHSA Importer	Fixing	VCID-g948-a1b1-aaaf	https://github.com/advisories/GHSA-rvp4-r3g6-8hxq	34.0.1
2024-04-24T05:57:28.266131+00:00	GitLab Importer	Fixing	VCID-g948-a1b1-aaaf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.nifi/nifi-single-user-utils/CVE-2022-26850.yml	34.0.0rc4
2024-04-24T05:57:28.150014+00:00	GitLab Importer	Fixing	VCID-g948-a1b1-aaaf	None	34.0.0rc4
2024-04-23T22:53:39.060574+00:00	GHSA Importer	Fixing	VCID-g948-a1b1-aaaf	https://github.com/advisories/GHSA-rvp4-r3g6-8hxq	34.0.0rc4
2024-04-23T22:53:38.814646+00:00	GHSA Importer	Fixing	VCID-g948-a1b1-aaaf	None	34.0.0rc4
2024-01-10T08:28:44.622160+00:00	GitLab Importer	Fixing	VCID-g948-a1b1-aaaf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.nifi/nifi-single-user-utils/CVE-2022-26850.yml	34.0.0rc2
2024-01-10T08:28:44.494239+00:00	GitLab Importer	Fixing	VCID-g948-a1b1-aaaf	None	34.0.0rc2
2024-01-10T00:47:54.629675+00:00	GHSA Importer	Fixing	VCID-g948-a1b1-aaaf	https://github.com/advisories/GHSA-rvp4-r3g6-8hxq	34.0.0rc2
2024-01-10T00:47:54.397344+00:00	GHSA Importer	Fixing	VCID-g948-a1b1-aaaf	None	34.0.0rc2
2024-01-04T01:13:47.265095+00:00	GitLab Importer	Fixing	VCID-g948-a1b1-aaaf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.nifi/nifi-single-user-utils/CVE-2022-26850.yml	34.0.0rc1
2024-01-04T01:13:47.148033+00:00	GitLab Importer	Fixing	VCID-g948-a1b1-aaaf	None	34.0.0rc1

2025-06-20T15:58:00.802101+00:00

GitLab Importer

Fixing