Critical severity vulnerability was found in maven org.apache.shenyu:shenyu-admin (maven) .

A flaw was found in Apache ShenYu Admin. The incorrect use of JWT in ShenyuAdminBootstrap allows an attacker to bypass authentication. This issue affected Apache ShenYu 2.3.0 and 2.4.0

References


Courtesy:https://github.com/advisories/GHSA-vpfp-5gwq-g533

By admin

Leave a Reply

Your email address will not be published. Required fields are marked *