← back
CVE-2022-23223

Apache ShenYu Password leakage

EPSS 4.3%CWE-522
On Apache ShenYu versions 2.4.0 and 2.4.1, and endpoint existed that disclosed the passwords of all users. Users are recommended to upgrade to version 2.4.2 or later.
Affected products
Apache Software Foundation · Apache ShenYu (incubating)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://lists.apache.org/thread/q2gg6ny6lpkph7nkrvjzqdvqpm805v8shttp://www.openwall.com/lists/oss-security/2022/01/25/7http://www.openwall.com/lists/oss-security/2022/01/26/4