Apache NiFi Community, The https://nifi.apache.org/security.html page has been updated with 3 vulnerabilities discovered in previous NiFi versions which have been resolved in release 1.10.0. The severity of these were determined to be two 'low' and one 'medium'. Dependency vulnerabilities that were patched have also been published. Questions about these vulnerabilities can be directed to [email protected].
If you identify new security issues within the current NiFi 1.10.0 release, please forward your report to [email protected] and do not disclose the issue publicly. The security vulnerability reporting and disclosure process can be found here: https://www.apache.org/security/committers.html. Regards, Nathan
