4 matches found
EUVD-2024-0376
Malicious code in bioql PyPI...
CVE-2023-46750 Apache Shiro: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Shiro.
URL Redirection to Untrusted Site 'Open Redirect' vulnerability when "form" authentication is used in Apache Shiro. Mitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+...
PT-2022-25462 · Apache +1 · Apache Shiro +1
Name of the Vulnerable Software and Affected Versions: Apache Shiro versions prior to 1.10.0 Description: The issue is related to an authentication bypass vulnerability in Apache Shiro when forwarding or including via RequestDispatcher. Recommendations: For versions prior to 1.10.0, update to...
Security Bulletin: Apache Shiro (Publicly disclosed vulnerability) Affects IBM Partner Engagement Manager (CVE-2022-32532)
Summary IBM Sterling Partner Engagement Manager uses Apache Shiro library 1.9.1, where A RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers. Applications using RegExPatternMatcher with . in the regular expression are possibly vulnerable to an authorization bypass...