Lucene search
K

14 matches found

OpenVAS
OpenVAS
added 2023/09/08 12:0 a.m.23 views

Ubuntu: Security Advisory (USN-6352-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.7AI score0.48019EPSS
Exploits3References2
Ubuntu
Ubuntu
added 2023/09/07 1:36 a.m.63 views

USN-6352-1: Apache Shiro vulnerabilities

It was discovered that Apache Shiro incorrectly handled certain HTTP requests. A remote attacker could possibly use this issue to bypass security restrictions. CVE-2020-13933, CVE-2020-17510...

9.8CVSS8AI score0.48019EPSS
Exploits3
OSV
OSV
added 2023/09/07 1:36 a.m.3 views

USN-6352-1 shiro vulnerabilities

It was discovered that Apache Shiro incorrectly handled certain HTTP requests. A remote attacker could possibly use this issue to bypass security restrictions. CVE-2020-13933, CVE-2020-17510...

9.8CVSS7.3AI score0.48019EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.34 views

Ubuntu 18.04 ESM / 20.04 LTS : Apache Shiro vulnerabilities (USN-6352-1)

The remote Ubuntu 18.04 ESM / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6352-1 advisory. It was discovered that Apache Shiro incorrectly handled certain HTTP requests. A remote attacker could possibly use this issue to bypass...

9.8CVSS8.2AI score0.48019EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2022/05/31 12:0 a.m.44 views

Apache Shiro < 1.7.0 Authentication Bypass

Apache Shiro before 1.7.0, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C Tenable, Inc. include'compat.inc'; i...

9.8CVSS8.1AI score0.09056EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/08/05 12:0 a.m.39 views

Debian DLA-2726-1 : shiro - LTS security update

The remote Debian 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-2726 advisory. It was discovered that there were two issues in shiro, a security framework for Java applications: CVE-2020-13933 Fix an authentication bypass resulting from a...

9.8CVSS8.1AI score0.48019EPSS
Exploits3References8
OpenVAS
OpenVAS
added 2021/08/03 12:0 a.m.29 views

Debian: Security Advisory (DLA-2726-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.5AI score0.48019EPSS
Exploits3References4
Debian
Debian
added 2021/08/02 10:10 p.m.39 views

[SECURITY] [DLA 2726-1] shiro security update

Debian LTS Advisory DLA-2726-1 [email protected] https://www.debian.org/lts/security/ Roberto C. Sánchez August 02, 2021 https://wiki.debian.org/LTS Package : shiro Version : 1.3.2-1+deb9u2 CVE ID : CVE-2020-13933 CVE-2020-17510 Debian Bug : 968753 It was discovered that there were two...

9.8CVSS7.2AI score0.48019EPSS
Exploits3
vulnersOsv
vulnersOsv
added 2021/04/22 4:13 p.m.7 views

cc.eamon.open:auth (=0.0.2), cn.easyproject:easyshiro-redis-cache (=2.6.0-RELEASE) +770 more potentially affected by CVE-2020-17510 via org.apache.shiro:shiro-spring (>=1.0.0-incubating <=1.6.0)

org.apache.shiro:shiro-spring MAVEN version =1.0.0-incubating, =1.0, =1.0, =1.0.0, =1.0.4 - cn.org.awcp:awcp-formdesigner-applicationImpl =1.0-RELEASE - cn.org.awcp:awcp-metadesigner-applicationImpl =1.0-RELEASE - cn.org.awcp:awcp-unit-application =1.0-RELEASE and more Source cves: CVE-2020-17510...

9.8CVSS7.2AI score0.09056EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2020/12/02 6:3 p.m.22 views

CVE-2020-17510

A flaw was found in Apache shiro. When using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass. This highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.8CVSS1.5AI score0.09056EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2020/11/05 9:15 p.m.21 views

CVE-2020-17510

Apache Shiro before 1.7.0, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass...

9.8CVSS7.2AI score0.09056EPSS
Exploits0References4
Cvelist
Cvelist
added 2020/11/05 8:17 p.m.29 views

CVE-2020-17510

Apache Shiro before 1.7.0, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass...

9.5AI score0.09056EPSS
Exploits0References10
CVE
CVE
added 2020/11/05 8:17 p.m.158 views

CVE-2020-17510

CVE-2020-17510 affects Apache Shiro software prior to version 1.7.0 when used with Spring. A specially crafted HTTP request can trigger an authentication bypass, allowing bypass of access restrictions. The vulnerability is categorized with a high to critical impact depending on the score, with ne...

9.8CVSS9.3AI score0.09056EPSS
Exploits0References10Affected Software1
Debian CVE
Debian CVE
added 2020/11/05 8:17 p.m.34 views

CVE-2020-17510

Apache Shiro before 1.7.0, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass...

9.8CVSS9AI score0.09056EPSS
Exploits0
Rows per page
Query Builder