CVE-2023-34468: Remote Code Execution via DB Components in Apache NiFi
CVE-2023-34468: Remote Code Execution via DB Components in Apache NiFi The DBCPConnectionPool and HikariCPConnectionPool Controller Services in Apache NiFi 002 through 1210 allow an authenticated and authorized user to configure a Database URL with the H2 driver that enables custom code execution Vendor Disclosure: The vendor's disclosure and fix for this vulnerabilit