ExceptionFactory

Analyzing and Mitigating XML External Entity Vulnerabilities in Apache NiFi

2022-05-31 • 12 minute read • David Handermann

Apache NiFi 1.16.1 resolved XML external entity vulnerabilities in multiple components, described in CVE-2022-29265. Reviewing current and previous XML vulnerabilities enables an accurate characterization of the impact on particular deployments. A summary of the resolution provides useful details for any project that performs XML processing.