Apache ShenYu 2.4.0 and 2.4.1 Remote Code Execution via Groovy Code Injection and SpEL Injection

Apache ShenYu 2.4.0 and 2.4.1 Remote Code Execution via Groovy Code Injection and SpEL Injection

CVE-2021-45029 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Groovy Code Injection & SpEL Injection which lead to Remote Code Execution. This issue affected Apache ShenYu 2.4.0 and 2.4.1.

Learn more about our Cis Benchmark Audit For Apache Http Server.