oss-sec mailing list archives

CVE-2022-23945: Apache ShenYu missing authentication allows gateway registration

From: Zhang Yonglun <zhangyonglun () apache org>
Date: Tue, 25 Jan 2022 19:39:34 +0800

Description:

Missing  authentication on ShenYu Admin when register by HTTP. This
issue affected Apache ShenYu 2.4.0 and 2.4.1.


--

Zhang Yonglun
Apache ShenYu (Incubating)
Apache ShardingSphere

Current thread:

CVE-2022-23945: Apache ShenYu missing authentication allows gateway registration Zhang Yonglun (Jan 25)