Lucene search
China National Vulnerability DatabaseCNVD-2022-18268HistoryJan 27, 2022 - 12:00 a.m.
Apache ShenYu Information Disclosure Vulnerability
2022-01-2700:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
apache
shenyu
information disclosure
vulnerability
2.4.0
2.4.1
configuration error
network system
http response
EPSS
0.002
Percentile
59.2%
Apache ShenYu is an asynchronous, high-performance, cross-language, responsive API gateway from the Apache Foundation.Apache ShenYu in versions 2.4.0 and 2.4.1 contains an information disclosure vulnerability that stems from a configuration or other error in the operation of the network system or product. An attacker could use this vulnerability to see the user’s password in the HTTP response.
Related
nvd
nvd
CVE-2022-23223
2022-01-25 13:15:08
github
github
Password exposure in ShenYu
2022-01-28 22:13:57
veracode
veracode
Information Disclosure
2022-01-26 03:50:09
osv
osv
Password exposure in ShenYu
2022-01-28 22:13:57
CVE-2022-23223
2022-01-25 13:15:08
prion
prion
Code injection
2022-01-25 13:15:00
cve
cve
CVE-2022-23223
2022-01-25 13:15:08
cvelist
cvelist
CVE-2022-23223 Apache ShenYu Password leakage
2022-01-25 13:00:22