[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] CVE-2021-37580: Apache ShenYu Admin bypass JWT authentication
From:       Liang Liu <midnight2104 () apache ! org>
Date:       2021-11-16 5:14:11
Message-ID: f9c3cbc8-1da9-3903-2e59-bb0e88f2ded5 () apache ! org
[Download RAW message or body]

Description:

A flaw was found in Apache ShenYu Admin. The incorrect use of JWT in =
ShenyuAdminBootstrap allows an attacker to bypass authentication.  This =
issue affected Apache ShenYu 2.3.0 and 2.4.0

Credit:

This issue was reported by =E4=BC=8D =E9=9B=84

[prev in list] [next in list] [prev in thread] [next in thread]