Unencrypted passwords
Low severity
GitHub Reviewed
Published
Feb 24, 2021
to the GitHub Advisory Database
•
Updated Jan 9, 2023
Withdrawn
This advisory was withdrawn on Feb 24, 2021
Package
Affected versions
< 0.4.0
Patched versions
0.4.0
Description
Reviewed
Oct 25, 2019
Published to the GitHub Advisory Database
Feb 24, 2021
Withdrawn
Feb 24, 2021
Last updated
Jan 9, 2023
A vulnerability found in Apache NIFI before v0.4.0-RC2. Passwords of InvokeHTTP weren?t encrypted.
References