On Apache ShenYu versions 2.4.0 and 2.4.1, and endpoint existed that disclosed the passwords of all users. Users are recommended to upgrade to version 2.4.2 or later.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2022/01/25/7 | Mailing List Third Party Advisory |
http://www.openwall.com/lists/oss-security/2022/01/26/4 | Exploit Mailing List Patch Third Party Advisory |
https://lists.apache.org/thread/q2gg6ny6lpkph7nkrvjzqdvqpm805v8s | Mailing List Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: apache
Published: 2022-01-25T13:00:22
Updated: 2023-10-04T08:00:34.196Z
Reserved: 2022-01-14T00:00:00
Link: CVE-2022-23223
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-01-25T13:15:08.137
Modified: 2023-10-16T18:22:38.197
Link: CVE-2022-23223
JSON object: View
Redhat Information
No data.
CWE