CVE-2022-23223

Summary

On Apache ShenYu versions 2.4.0 and 2.4.1, and endpoint existed that disclosed the passwords of all users. Users are recommended to upgrade to version 2.4.2 or later.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache ShenYu (incubating)Apache ShenYu (incubating) < 2.4.2affected

Weaknesses

  • CWE-522: CWE-522 Insufficiently Protected Credentials

ADP Enrichment

CVE Program Container

Additional References

References