Maven package
org.apache.shenyu/shenyu-bootstrap
pkg:maven/org.apache.shenyu/shenyu-bootstrap
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-26650 | — | >= 2.4.0, < 2.4.3 | 2.4.3 | May 17, 2022 | In Apache ShenYui, ShenYu-Bootstrap, RegexPredicateJudge.java uses Pattern.matches(conditionData.getParamValue(), realData) to make judgments, where both parameters are controllable by the user. This can cause an attacker pass in malicious regular expressions and characters causi |
- CVE-2022-26650May 17, 2022affected >= 2.4.0, < 2.4.3fixed 2.4.3
In Apache ShenYui, ShenYu-Bootstrap, RegexPredicateJudge.java uses Pattern.matches(conditionData.getParamValue(), realData) to make judgments, where both parameters are controllable by the user. This can cause an attacker pass in malicious regular expressions and characters causi