Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2022-32532HistoryJun 29, 2022 - 12:15 a.m.
CVE-2022-32532
2022-06-2900:15:00
Debian Security Bug Tracker
security-tracker.debian.org
14
0.055 Low
EPSS
Percentile
93.2%
Apache Shiro before 1.9.1, A RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers. Applications using RegExPatternMatcher with . in the regular expression are possibly vulnerable to an authorization bypass.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | shiro | <= 1.3.2-5 | shiro_1.3.2-5_all.deb |
| Debian | 11 | all | shiro | <= 1.3.2-4+deb11u1 | shiro_1.3.2-4+deb11u1_all.deb |
| Debian | 10 | all | shiro | <= 1.3.2-4+deb10u1 | shiro_1.3.2-4+deb10u1_all.deb |
| Debian | 999 | all | shiro | <= 1.3.2-5 | shiro_1.3.2-5_all.deb |
| Debian | 13 | all | shiro | <= 1.3.2-5 | shiro_1.3.2-5_all.deb |
Related
veracode
veracode
Authorization Bypass
2022-06-30 03:16:54
github
github
Improper Authorization in Apache Shiro
2022-06-30 00:00:41
osv
osv
CVE-2022-32532
2022-06-29 00:15:10
Improper Authorization in Apache Shiro
2022-06-30 00:00:41
cvelist
cvelist
CVE-2022-32532 Authentication Bypass Vulnerability
2022-06-28 23:20:11
prion
prion
Authorization
2022-06-29 00:15:00
ubuntucve
ubuntucve
CVE-2022-32532
2022-06-29 00:00:00
ibm
ibm
redhatcve
redhatcve
CVE-2022-32532
2022-07-14 12:14:20
githubexploit
githubexploit
Exploit for Incorrect Authorization in Apache Shiro
2022-06-29 01:05:33
cve
cve
CVE-2022-32532
2022-06-29 00:15:10
nessus
nessus
Oracle WebCenter Sites (Oct 2022 CPU)
2022-10-21 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00