Org.apache.nifi:nifi-web-api
This hub aggregates every CVE we track for Org.apache.nifi:nifi-web-api, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
4
CVEs tracked
0
Critical
2
High
0
In CISA KEV
Severity distribution
HIGH2MEDIUM2
Monthly trend
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
2024-072026-06
Latest CVEs
The 4 most recently published vulnerabilities affecting Org.apache.nifi:nifi-web-api.
- CVE-2026-25903Apache NiFi: Missing Authorization of Restricted Permissions for Component Updates8.4
- CVE-2024-56512Apache NiFi: Missing Complete Authorization for Parameter and Service References5.4
- CVE-2019-10083When updating a Process Group via the API in NiFi versions 1.3.0 to 1.9.2, the response to the request includes all of its contents (at the top most level, not recursively). The response included d...5.3
- CVE-2019-12421When using an authentication mechanism other than PKI, when the user clicks Log Out in NiFi versions 1.0.0 to 1.9.2, NiFi invalidates the authentication token on the client side but not on the serv...8.8
Product normalization is registry-driven with AI assist and human review. How it works