{"schema_version": "1.6.1", "id": "CVE-2022-42735", "summary": "Apache ShenYu Admin ultra vires", "details": "Improper Privilege Management vulnerability in Apache Software Foundation Apache ShenYu.\n\n\nShenYu Admin allows low-privilege low-level administrators create users with higher privileges than their own.\n\nThis issue affects Apache ShenYu: 2.5.0.\n\nUpgrade to Apache ShenYu 2.5.1 or apply patch  https://github.com/apache/shenyu/pull/3958 https://github.com/apache/shenyu/pull/3958 .\n\n\n", "affected": [{"ranges": [{"type": "SEMVER", "events": [{"introduced": "0"}, {"last_affected": "0"}]}]}], "references": [{"type": "WEB", "url": "https://lists.apache.org/thread/2k8764jmckmc19qc8x51nlnngq71pcf7"}]}