High
Apache ShenYu is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in RegexPredicateJudge.java in ShenYu-Bootstrap. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a resource exhaustion, and results in a denial of service condition.
Upgrade to the latest version of Apache ShenYui (2.4.3 or later), available from the incubator-shenyu GIT Repository.