Apache Shiro Vulnerabilities
Apache Apache Shiro vulnerabilities.
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Apache Shiro before 1.13.0 or 2.0.0-alpha-4, may be susceptible to a path traversal attack that results in an authentication bypass when used together with path rewriting
CVE-2023-46749ApacheApache Shiro6.5MEDIUMApache Shiro: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Shiro.
CVE-2023-46750ApacheApache Shiro6.1MEDIUMApache Shiro before 1.12.0, or 2.0.0-alpha-3, may be susceptible to a path traversal attack when used together with APIs or other web frameworks that route requests based on non-normalized requests.
CVE-2023-34478ApacheApache Shiro9.8CRITICALApache Shiro before 1.11.0, when used with Spring Boot 2.6+, may allow authentication bypass through a specially crafted HTTP request
CVE-2023-22602ApacheApache Shiro7.5HIGHAuthentication Bypass Vulnerability in Shiro when forwarding or including via RequestDispatcher
CVE-2022-40664ApacheApache Shiro9.8CRITICALAuthentication Bypass Vulnerability
CVE-2022-32532ApacheApache ShiroπΎπ‘9.8CRITICALApache Shiro before 1.8.0, when using Apache Shiro with Spring Boot, a specially crafted HTTP request may cause an authentication bypass
CVE-2021-41303ApacheApache ShiroEPSS 13%9.8CRITICAL- CVE-2020-17523ApacheApache ShiroπΎπ‘EPSS 34%9.8CRITICAL
- CVE-2020-17510ApacheApache Shiro9.8CRITICAL
- CVE-2020-13933ApacheApache ShiroπΎπ‘7.5HIGH
- CVE-2020-11989ApacheApache ShiroπΎπ‘EPSS 25%9.8CRITICAL
- CVE-2020-1957ApacheApache Shiro9.8CRITICAL
15 January 2024
14 December 2023
24 July 2023
14 January 2023
12 October 2022
29 June 2022
17 September 2021
3 February 2021
5 November 2020
17 August 2020
22 June 2020
25 March 2020
No more vulnerabilities to load.