Lucene search
+L

7 matches found

vulnersOsv
vulnersOsv
added 2022/02/09 10:3 p.m.5 views

br.com.caelum.vraptor:vraptor-shiro (>=4.0.0-RC2 <=4.0.0-beta-1), br.eti.arthurgregorio:shiro-ee (>=1.0.0 <=1.5.1) +1728 more potentially affected by CVE-2020-17523 via org.apache.shiro:shiro-web (>=1.0.0-incubating <=1.7.0)

org.apache.shiro:shiro-web MAVEN version =1.0.0-incubating, =4.0.0-RC2, =1.0.0, =1.0.0, =0.0.2, =0.0.21, =0.0.2, =0.0.1, =1.0.0, =1.0.0, =0.1, =0.1, =0.1, =0.2 and more Source cves: CVE-2020-17523 Source advisory: OSV:GHSA-V98J-7CRC-WVRJ...

9.8CVSS7.2AI score0.85911EPSS
Exploits2
vulnersOsv
vulnersOsv
added 2022/02/09 10:3 p.m.7 views

cc.eamon.open:auth (=0.0.2), cn.acooly:acooly-auth-wechat-authenticator (=5.2.1) +819 more potentially affected by CVE-2020-17523 via org.apache.shiro:shiro-spring (>=1.0.0-incubating <=1.7.0)

org.apache.shiro:shiro-spring MAVEN version =1.0.0-incubating, =1.0.0, =1.0, =1.0, =1.0.0, =1.0.4 - cn.org.awcp:awcp-formdesigner-applicationImpl =1.0-RELEASE and more Source cves: CVE-2020-17523 Source advisory: OSV:GHSA-V98J-7CRC-WVRJ...

9.8CVSS7.2AI score0.85911EPSS
Exploits2
NVD
NVD
added 2021/02/03 5:15 p.m.21 views

CVE-2020-17523

Apache Shiro before 1.7.1, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass...

9.8CVSS0.85911EPSS
Exploits2References8
OSV
OSV
added 2021/02/03 5:15 p.m.23 views

CVE-2020-17523

Apache Shiro before 1.7.1, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass...

9.8CVSS7AI score
Exploits0References8
UbuntuCve
UbuntuCve
added 2021/02/03 5:15 p.m.22 views

CVE-2020-17523

Apache Shiro before 1.7.1, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass...

9.8CVSS7.2AI score0.85911EPSS
Exploits2References5
CVE
CVE
added 2021/02/03 4:55 p.m.138 views

CVE-2020-17523

CVE-2020-17523 : Apache Shiro before 1.7.1, when used with Spring, can be bypassed via a specially crafted HTTP request, leading to authentication bypass. The vulnerability stems from path handling and whitespace/tokenization behavior that may cause a request to bypass Shiro’s authentication chec...

9.8CVSS9.4AI score0.85911EPSS
Exploits2References8Affected Software1
Debian CVE
Debian CVE
added 2021/02/03 4:55 p.m.37 views

CVE-2020-17523

Apache Shiro before 1.7.1, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass...

9.8CVSS9AI score0.85911EPSS
Exploits2
Rows per page
Query Builder