Lucene search
Veracode Vulnerability DatabaseVERACODE:33897HistoryJan 26, 2022 - 4:44 a.m.
Remote Code Execution (RCE)
2022-01-2604:44:15
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
0.014 Low
EPSS
Percentile
86.7%
shenyu is vulnerable to remote code execution. The vulnerability exists due to lack of sanitization of database query language input to the system, allowing an attacker to inject maliciously crafted script via the query.
| CPE | Name | Operator | Version |
|---|---|---|---|
| shenyu-plugin-base | le | 2.4.1 | |
| shenyu-plugin-base | le | 2.4.1 |
Related
osv
osv
Code injection in ShenYu
2022-01-28 22:13:27
CVE-2021-45029
2022-01-25 13:15:07
prion
prion
Code injection
2022-01-25 13:15:00
github
github
Code injection in ShenYu
2022-01-28 22:13:27
cnvd
cnvd
Apache ShenYu Code Injection Vulnerability
2022-01-27 00:00:00
cve
cve
CVE-2021-45029
2022-01-25 13:15:07
nvd
nvd
CVE-2021-45029
2022-01-25 13:15:07
cvelist
cvelist
CVE-2021-45029 Apache ShenYu 2.4.1 Groovy Code Injection & SpEL Injection
2022-01-25 13:00:21