Every CVE whose affected-product data names Apache Shardingsphere, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2020-1947 — CVSS 9.8 (critical): In Apache ShardingSphere(incubator) 4.0.0-RC3 and 4.0.0, the ShardingSphere's web console uses the SnakeYAML library for parsing YAML…
CVE-2022-45347 — CVSS 9.8 (critical): Apache ShardingSphere-Proxy prior to 5.3.0 when using MySQL as database backend didn't cleanup the database session completely after client…
CVE-2023-28754 — CVSS 8.8 (high): Deserialization of Untrusted Data vulnerability in Apache ShardingSphere-Agent, which allows attackers to execute arbitrary code by…