Lucene search
China National Vulnerability DatabaseCNVD-2022-08191HistoryJan 27, 2022 - 12:00 a.m.
Apache ShenYu Code Injection Vulnerability
2022-01-2700:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
0.014 Low
EPSS
Percentile
86.7%
Apache ShenYu is an asynchronous, high-performance, cross-language, responsive API gateway from the Apache Foundation.Apache ShenYu is vulnerable to code injection in versions 2.4.0 and 2.4.1, which stems from a design or implementation impropriety in the code development process of a web-based system or product. An attacker could exploit the vulnerability to cause Groovy code injection and SpEL injection for remote code execution.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache shenyu | eq | 2.4.0 | |
| apache shenyu | eq | 2.4.1 |
Related
osv
osv
Code injection in ShenYu
2022-01-28 22:13:27
CVE-2021-45029
2022-01-25 13:15:07
prion
prion
Code injection
2022-01-25 13:15:00
cve
cve
CVE-2021-45029
2022-01-25 13:15:07
nvd
nvd
CVE-2021-45029
2022-01-25 13:15:07
github
github
Code injection in ShenYu
2022-01-28 22:13:27
veracode
veracode
Remote Code Execution (RCE)
2022-01-26 04:44:15
cvelist
cvelist
CVE-2021-45029 Apache ShenYu 2.4.1 Groovy Code Injection & SpEL Injection
2022-01-25 13:00:21