This is an automated email from the ASF dual-hosted git repository.

exceptionfactory pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/nifi-site.git


The following commit(s) were added to refs/heads/main by this push:
     new f3e23f8b NIFI-15845 Corrected recommended version for CVE-2026-44914
f3e23f8b is described below

commit f3e23f8b63e0b491a2ef3386bab912c0ca3c9ffe
Author: exceptionfactory <[email protected]>
AuthorDate: Wed Jun 24 09:25:38 2026 -0500

    NIFI-15845 Corrected recommended version for CVE-2026-44914
---
 content/documentation/security.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/content/documentation/security.md 
b/content/documentation/security.md
index 8055d64b..c65b2e78 100644
--- a/content/documentation/security.md
+++ b/content/documentation/security.md
@@ -113,7 +113,7 @@ additional privileges required, but framework authorization 
did not check restri
 replace Process Groups. The missing authorization permits a user with general 
write access to add components with
 Restricted status. Apache NiFi installations that do not implement specific 
authorization for Restricted components are
 not subject to this vulnerability because the framework enforces write 
permissions as the security boundary. Upgrading
-to Apache NiFi 2.9.0 is the recommended mitigation, which removes the 
implementation of Restricted status authorization
+to Apache NiFi 2.10.0 is the recommended mitigation, which removes the 
implementation of Restricted status authorization
 from the framework.
 
 {{</ vulnerability >}}

Reply via email to