漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Apache NiFi: Improper Restriction of XML External Entity References in ExtractCCDAAttributes
Vulnerability Description
The ExtractCCDAAttributes Processor in Apache NiFi 1.2.0 through 1.19.1 does not restrict XML External Entity references. Flow configurations that include the ExtractCCDAAttributes Processor are vulnerable to malicious XML documents that contain Document Type Declarations with XML External Entity references. The resolution disables Document Type Declarations and disallows XML External Entity resolution in the ExtractCCDAAttributes Processor.
CVSS Information
N/A
Vulnerability Type
XML外部实体引用的不恰当限制(XXE)
Vulnerability Title
Apache NiFi 代码问题漏洞
Vulnerability Description
Apache NiFi是美国阿帕奇(Apache)基金会的一套数据处理和分发系统。该系统主要用于数据路由、转换和系统中介逻辑。 Apache NiFi 1.2.0版本至1.19.1版本存在代码问题漏洞,该漏洞源于没有限制XML外部实体引用。
CVSS Information
N/A
Vulnerability Type
N/A