CVE-2022-23223

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-23223

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-23223.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-23223

Aliases

GHSA-7wq4-89xx-g62j

Published

2022-01-25T13:15:08Z

Modified

2024-10-11T09:07:25Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

On Apache ShenYu versions 2.4.0 and 2.4.1, and endpoint existed that disclosed the passwords of all users. Users are recommended to upgrade to version 2.4.2 or later.

References

Affected packages

Git / github.com/apache/incubator-shenyu

Affected ranges

Type: GIT
Repo: https://github.com/apache/incubator-shenyu
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

3c6e3a0a3134e59dc200cd68c85576d5bafc2f3b

Last affected

dc841a2720ea0b5a6ca71f1b9c1aa7958d241f16