Filters

Apache ShiroApache Shiro before 1.13.0 or 2.0.0-alpha-4, may be susceptible to a path traversal attack that results in an authentication bypass when used together with path rewriting

First published (updated )

Apache ShiroApache Shiro: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Shiro.

7.4
First published (updated )

Apache ShiroApache Shiro before 1.12.0, or 2.0.0-alpha-3, may be susceptible to a path traversal attack when used together with APIs or other web frameworks that route requests based on non-normalized requests.

First published (updated )

Apache ShiroApache Shiro before 1.11.0, when used with Spring Boot 2.6+, may allow authentication bypass through a specially crafted HTTP request

7.5
First published (updated )

Apache ShiroAuthentication Bypass Vulnerability in Shiro when forwarding or including via RequestDispatcher

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Apache ShiroAuthentication Bypass Vulnerability

First published (updated )

Oracle Financial Services Crime And Compliance Management StudioApache Shiro before 1.8.0, when using Apache Shiro with Spring Boot, a specially crafted HTTP request may cause an authentication bypass

First published (updated )

Apache ShiroApache Shiro before 1.7.1, when using Apache Shiro with Spring, a specially crafted HTTP request may…

First published (updated )

ubuntu/shiroApache Shiro before 1.7.0, when using Apache Shiro with Spring, a specially crafted HTTP request may…

First published (updated )

ubuntu/shiroInput Validation

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

redhat/shiroApache Shiro before 1.5.3, when using Apache Shiro with Spring dynamic controllers, a specially craf…

First published (updated )

Apache ShiroApache Shiro before 1.5.2, when using Apache Shiro with Spring dynamic controllers, a specially craf…

First published (updated )

redhat/shiroInput Validation

7.5
First published (updated )

Apache ShiroApache Shiro before 1.3.2 allows attackers to bypass intended servlet filters and gain access by lev…

7.5
First published (updated )

Apache ShiroApache Shiro Code Execution Vulnerability

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Apache ShiroApache Shiro 1.x before 1.2.3, when using an LDAP server with unauthenticated bind enabled, allows r…

7.5
First published (updated )

Jsecurity JsecurityPath Traversal

First published (updated )

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203