Apache NiFi: 1.25.0 → 2.9.0
Apache · upgrade impact · Official site ↗
Fixed by upgrading to 2.9.0 iVulnerabilities that affect 1.25.0 but no longer affect 2.9.0 — the security gain from this upgrade, by exploited status then exploitation probability.
Exploited first, then by exploitation probability (EPSS).
CVE-2024-37389 MEDIUM EPSS 24% ✓ cleared in 2.9.0 CVE-2024-56512 MEDIUM EPSS 3% ✓ cleared in 2.9.0 CVE-2025-27017 MEDIUM EPSS 1% ✓ cleared in 2.9.0 CVE-2026-25903 MEDIUM EPSS 1% ✓ cleared in 2.9.0 CVE-2024-52067 MEDIUM EPSS 1% ✓ cleared in 2.9.0 CVE-2024-45477 MEDIUM EPSS 1% ✓ cleared in 2.9.0 CVE-2025-66524 HIGH EPSS 0% ✓ cleared in 2.9.0