[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE-2021-37580: Apache ShenYu Admin bypass JWT authentication
From: Liang Liu <midnight2104 () apache ! org>
Date: 2021-11-16 5:14:11
Message-ID: f9c3cbc8-1da9-3903-2e59-bb0e88f2ded5 () apache ! org
[Download RAW message or body]
Description:
A flaw was found in Apache ShenYu Admin. The incorrect use of JWT in =
ShenyuAdminBootstrap allows an attacker to bypass authentication. This =
issue affected Apache ShenYu 2.3.0 and 2.4.0
Credit:
This issue was reported by =E4=BC=8D =E9=9B=84
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic