Synced 17 Jun 2026 06:32 UTC Account
← Apache NiFi

Apache NiFi: 1.21.0 2.9.0

Apache · upgrade impact · Official site ↗
From1.21.012 known issues To2.9.00 known issues

Fixed by upgrading to 2.9.0 iVulnerabilities that affect 1.21.0 but no longer affect 2.9.0 — the security gain from this upgrade, by exploited status then exploitation probability.

Exploited first, then by exploitation probability (EPSS).

CVE-2023-34468 HIGH EPSS 63% ✓ cleared in 2.9.0 CVE-2024-37389 MEDIUM EPSS 24% ✓ cleared in 2.9.0 CVE-2024-56512 MEDIUM EPSS 3% ✓ cleared in 2.9.0 CVE-2023-34212 MEDIUM EPSS 2% ✓ cleared in 2.9.0 CVE-2023-36542 HIGH EPSS 2% ✓ cleared in 2.9.0 CVE-2023-40037 MEDIUM EPSS 2% ✓ cleared in 2.9.0 CVE-2023-49145 HIGH EPSS 1% ✓ cleared in 2.9.0 CVE-2025-27017 MEDIUM EPSS 1% ✓ cleared in 2.9.0 CVE-2026-25903 MEDIUM EPSS 1% ✓ cleared in 2.9.0 CVE-2024-52067 MEDIUM EPSS 1% ✓ cleared in 2.9.0 CVE-2024-45477 MEDIUM EPSS 1% ✓ cleared in 2.9.0 CVE-2025-66524 HIGH EPSS 0% ✓ cleared in 2.9.0