Apache Shiro Vulnerabilities
Apache Apache Shiro vulnerabilities.
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Apache Shiro before 1.13.0 or 2.0.0-alpha-4, may be susceptible to a path traversal attack that results in an authentication bypass when used together with path rewriting
CVE-2023-46749ApacheApache Shiro6.5MEDIUMApache Shiro: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Shiro.
CVE-2023-46750ApacheApache Shiro6.1MEDIUMApache Shiro before 1.12.0, or 2.0.0-alpha-3, may be susceptible to a path traversal attack when used together with APIs or other web frameworks that route requests based on non-normalized requests.
CVE-2023-34478ApacheApache Shiro9.8CRITICALApache Shiro before 1.11.0, when used with Spring Boot 2.6+, may allow authentication bypass through a specially crafted HTTP request
CVE-2023-22602ApacheApache Shiro7.5HIGHAuthentication Bypass Vulnerability in Shiro when forwarding or including via RequestDispatcher
CVE-2022-40664ApacheApache Shiro9.8CRITICALAuthentication Bypass Vulnerability
CVE-2022-32532ApacheApache ShiroπΎπ‘EPSS 79%9.8CRITICALApache Shiro before 1.8.0, when using Apache Shiro with Spring Boot, a specially crafted HTTP request may cause an authentication bypass
CVE-2021-41303ApacheApache ShiroEPSS 48%9.8CRITICALAuthentication Bypass in Apache Shiro with Spring Framework
CVE-2020-17523ApacheApache ShiroπΎπ‘EPSS 88%9.8CRITICALAuthentication Bypass Vulnerability in Apache Shiro with Spring
CVE-2020-17510ApacheApache Shiro9.8CRITICALAuthentication Bypass in Apache Shiro Products by Apache
CVE-2020-13933ApacheApache ShiroπΎπ‘EPSS 69%7.5HIGHAuthentication Bypass Vulnerability in Apache Shiro by Vendor
CVE-2020-11989ApacheApache ShiroπΎπ‘EPSS 77%9.8CRITICALAuthentication Bypass Vulnerability in Apache Shiro by Vendor Apache
CVE-2020-1957ApacheApache ShiroEPSS 86%9.8CRITICAL