CVE-2017-7667

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2017-7667

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-7667.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-7667

Aliases

GHSA-jvx9-rj3w-jq99

Published

2017-06-12T16:29:00.250Z

Modified

2026-04-10T04:00:58.681886Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

Apache NiFi before 0.7.4 and 1.x before 1.3.0 need to establish the response header telling browsers to only allow framing with the same origin.

References

Affected packages

Git / github.com/apache/nifi

Affected ranges

Type

GIT

Repo

https://github.com/apache/nifi

Events

Introduced

Last affected

78532ef44fb8b830a5316ce10a5cc7862bc3b5b2

Introduced

Last affected

74d5224783dfdc513f6b3ad5ed96671d3c581707

Introduced

Last affected

1890f6c522514027ae46f86601f4771f62cadc6d

Introduced

Last affected

5536f690a81418955442d52687695f65f0a44cd0

Introduced

Last affected

a92f2e36ed6be695e4dc6f624f6b3a96e6d1a57c

Introduced

Last affected

e31088642b6fdc7cafb52208a6ba29216dde7898

Introduced

Last affected

3a605af8e0ac024fb0ba67262d49dab2727b2576

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "0.7.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.1.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.1.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.1.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.2.0"
        }
    ]
}

Affected versions

docker/nifi-1.*

docker/nifi-1.2.0

nifi-0.*

nifi-0.2.0-incubating-RC1

nifi-0.4.1

nifi-0.4.1-RC1

nifi-0.6.0

nifi-0.6.0-RC2

nifi-0.7.0-RC2

nifi-0.7.1-RC1

nifi-0.7.3-RC1

nifi-1.*

nifi-1.0.0-RC1

nifi-1.0.1-RC1

nifi-1.1.0-RC2

nifi-1.1.1-RC1

nifi-1.1.2-RC1

nifi-1.2.0-RC2

rel/nifi-0.*

rel/nifi-0.7.0

rel/nifi-0.7.1

rel/nifi-0.7.3

rel/nifi-1.*

rel/nifi-1.0.0

rel/nifi-1.0.1

rel/nifi-1.1.0

rel/nifi-1.1.1

rel/nifi-1.1.2

rel/nifi-1.2.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-7667.json"