GHSA-7rjp-fgwj-47rw

Source

https://github.com/advisories/GHSA-7rjp-fgwj-47rw

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/01/GHSA-7rjp-fgwj-47rw/GHSA-7rjp-fgwj-47rw.json

Aliases

• CVE-2022-23945

Published

2022-01-28T22:14:11Z

Modified

2024-02-20T05:33:55.587133Z

Details

Missing authentication on ShenYu Admin when register by HTTP. This issue affected Apache ShenYu 2.4.0 and 2.4.1.

References

• https://nvd.nist.gov/vuln/detail/CVE-2022-23945
• https://github.com/apache/shenyu/pull/2723
• https://github.com/apache/shenyu/commit/9a02215013037e1cc8cd41f216164628a9e9e28f
• https://github.com/apache/incubator-shenyu
• https://lists.apache.org/thread/q2gg6ny6lpkph7nkrvjzqdvqpm805v8s
• http://www.openwall.com/lists/oss-security/2022/01/25/6
• http://www.openwall.com/lists/oss-security/2022/01/26/3