14 matches found
Ubuntu: Security Advisory (USN-6352-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6352-1: Apache Shiro vulnerabilities
It was discovered that Apache Shiro incorrectly handled certain HTTP requests. A remote attacker could possibly use this issue to bypass security restrictions. CVE-2020-13933, CVE-2020-17510...
USN-6352-1 shiro vulnerabilities
It was discovered that Apache Shiro incorrectly handled certain HTTP requests. A remote attacker could possibly use this issue to bypass security restrictions. CVE-2020-13933, CVE-2020-17510...
Ubuntu 18.04 ESM / 20.04 LTS : Apache Shiro vulnerabilities (USN-6352-1)
The remote Ubuntu 18.04 ESM / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6352-1 advisory. It was discovered that Apache Shiro incorrectly handled certain HTTP requests. A remote attacker could possibly use this issue to bypass...
Apache Shiro < 1.7.0 Authentication Bypass
Apache Shiro before 1.7.0, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C Tenable, Inc. include'compat.inc'; i...
Debian DLA-2726-1 : shiro - LTS security update
The remote Debian 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-2726 advisory. It was discovered that there were two issues in shiro, a security framework for Java applications: CVE-2020-13933 Fix an authentication bypass resulting from a...
Debian: Security Advisory (DLA-2726-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2726-1] shiro security update
Debian LTS Advisory DLA-2726-1 [email protected] https://www.debian.org/lts/security/ Roberto C. Sánchez August 02, 2021 https://wiki.debian.org/LTS Package : shiro Version : 1.3.2-1+deb9u2 CVE ID : CVE-2020-13933 CVE-2020-17510 Debian Bug : 968753 It was discovered that there were two...
cc.eamon.open:auth (=0.0.2), cn.easyproject:easyshiro-redis-cache (=2.6.0-RELEASE) +770 more potentially affected by CVE-2020-17510 via org.apache.shiro:shiro-spring (>=1.0.0-incubating <=1.6.0)
org.apache.shiro:shiro-spring MAVEN version =1.0.0-incubating, =1.0, =1.0, =1.0.0, =1.0.4 - cn.org.awcp:awcp-formdesigner-applicationImpl =1.0-RELEASE - cn.org.awcp:awcp-metadesigner-applicationImpl =1.0-RELEASE - cn.org.awcp:awcp-unit-application =1.0-RELEASE and more Source cves: CVE-2020-17510...
CVE-2020-17510
A flaw was found in Apache shiro. When using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass. This highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
CVE-2020-17510
Apache Shiro before 1.7.0, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass...
CVE-2020-17510
Apache Shiro before 1.7.0, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass...
CVE-2020-17510
CVE-2020-17510 affects Apache Shiro software prior to version 1.7.0 when used with Spring. A specially crafted HTTP request can trigger an authentication bypass, allowing bypass of access restrictions. The vulnerability is categorized with a high to critical impact depending on the score, with ne...
CVE-2020-17510
Apache Shiro before 1.7.0, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass...