November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Advisory – CVE-2022-26923 – Microsoft Windows Active Directory Domain Services Vulnerability
May 17, 2022Rewterz Threat Advisory – Multiple Apple iOS and iPadOS Vulnerabilities
May 18, 2022Rewterz Threat Advisory – CVE-2022-26923 – Microsoft Windows Active Directory Domain Services Vulnerability
May 17, 2022Rewterz Threat Advisory – Multiple Apple iOS and iPadOS Vulnerabilities
May 18, 2022
Severity
High
Analysis Summary
CVE-2022-26650
Apache ShenYu is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in RegexPredicateJudge.java in ShenYu-Bootstrap. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a resource exhaustion, and results in a denial of service condition.
Impact
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2022-26650
Affected Vendors
- Apache
Affected Products
- Apache ShenYu 2.4.0
- Apache ShenYu 2.4.1
- Apache ShenYu 2.4.2
Remediation
Upgrade to the latest version of Apache ShenYui (2.4.3 or later), available from the incubator-shenyu GIT Repository.