Known Vulnerabilities for Shenyu by Apache
Listed below are 4 of the newest known vulnerabilities associated with "Shenyu" by "Apache".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-23945 | Missing authentication on ShenYu Admin when register by HTTP. This issue affected Apache ShenYu 2.4.0 and 2.4.1. | 7.5 - HIGH | 2022-01-25 | 2022-02-01 |
| CVE-2022-23944 | User can access /plugin api without authentication. This issue affected Apache ShenYu 2.4.0 and 2.4.1. | 9.1 - CRITICAL | 2022-01-25 | 2022-02-01 |
| CVE-2022-23223 | On Apache ShenYu versions 2.4.0 and 2.4.1, and endpoint existed that disclosed the passwords of all users. Users are recommen... | 7.5 - HIGH | 2022-01-25 | 2023-10-16 |
| CVE-2021-37580 | A flaw was found in Apache ShenYu Admin. The incorrect use of JWT in ShenyuAdminBootstrap allows an attacker to bypass authen... | 9.8 - CRITICAL | 2021-11-16 | 2021-11-17 |