← volver
CVE-2022-23223

Apache ShenYu Password leakage

EPSS 4.3%CWE-522
On Apache ShenYu versions 2.4.0 and 2.4.1, and endpoint existed that disclosed the passwords of all users. Users are recommended to upgrade to version 2.4.2 or later.
Productos afectados
Apache Software Foundation · Apache ShenYu (incubating)

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://lists.apache.org/thread/q2gg6ny6lpkph7nkrvjzqdvqpm805v8shttp://www.openwall.com/lists/oss-security/2022/01/25/7http://www.openwall.com/lists/oss-security/2022/01/26/4