Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog Latest Updates Security News
Sign In Sign Up
Apache

Shiro

4 Versions 2 CVEs

Versions

to 1.4.1

OTHER 1 CVE

2.0.0alpha2

ALPHA 1 CVE

2.0.0alpha1

ALPHA 1 CVE

0

SINGLE_NUMBER 1 CVE

Recent CVEs

CVE-2023-34478

Apache Shiro, before 1.12.0 or 2.0.0-alpha-3, may be susceptible to a path traversal attack that results in an authentication bypass when used together with APIs or other web frameworks that route requests based on non-normalized requests. Mitigation: Update to Apache Shiro 1.12.0+ or 2.0.0-alpha-3+

UNKNOWN Jul 24, 2023

CVE-2019-12422

Apache Shiro before 1.4.2, when using the default "remember me" configuration, cookies could be susceptible to a padding attack.

UNKNOWN Nov 18, 2019