VYPR

ShardingSphere

by Apache

CVEs (3)

  • CVE-2023-28754Jul 19, 2023
    risk 0.00cvss epss 0.01

    Deserialization of Untrusted Data vulnerability in Apache ShardingSphere-Agent, which allows attackers to execute arbitrary code by constructing a special YAML configuration file. The attacker needs to have permission to modify the ShardingSphere Agent YAML configuration file…

  • CVE-2022-45347Dec 22, 2022
    risk 0.00cvss epss 0.01

    Apache ShardingSphere-Proxy prior to 5.3.0 when using MySQL as database backend didn't cleanup the database session completely after client authentication failed, which allowed an attacker to execute normal commands by constructing a special MySQL client. This vulnerability has…

  • CVE-2021-26558Nov 11, 2021
    risk 0.00cvss epss 0.02

    Deserialization of Untrusted Data vulnerability of Apache ShardingSphere-UI allows an attacker to inject outer link resources. This issue affects Apache ShardingSphere-UI Apache ShardingSphere-UI version 4.1.1 and later versions; Apache ShardingSphere-UI versions prior to 5.0.0.