7 matches found
br.com.caelum.vraptor:vraptor-shiro (>=4.0.0-RC2 <=4.0.0-beta-1), br.eti.arthurgregorio:shiro-ee (>=1.0.0 <=1.5.1) +1728 more potentially affected by CVE-2020-17523 via org.apache.shiro:shiro-web (>=1.0.0-incubating <=1.7.0)
org.apache.shiro:shiro-web MAVEN version =1.0.0-incubating, =4.0.0-RC2, =1.0.0, =1.0.0, =0.0.2, =0.0.21, =0.0.2, =0.0.1, =1.0.0, =1.0.0, =0.1, =0.1, =0.1, =0.2 and more Source cves: CVE-2020-17523 Source advisory: OSV:GHSA-V98J-7CRC-WVRJ...
cc.eamon.open:auth (=0.0.2), cn.acooly:acooly-auth-wechat-authenticator (=5.2.1) +819 more potentially affected by CVE-2020-17523 via org.apache.shiro:shiro-spring (>=1.0.0-incubating <=1.7.0)
org.apache.shiro:shiro-spring MAVEN version =1.0.0-incubating, =1.0.0, =1.0, =1.0, =1.0.0, =1.0.4 - cn.org.awcp:awcp-formdesigner-applicationImpl =1.0-RELEASE and more Source cves: CVE-2020-17523 Source advisory: OSV:GHSA-V98J-7CRC-WVRJ...
CVE-2020-17523
Apache Shiro before 1.7.1, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass...
CVE-2020-17523
Apache Shiro before 1.7.1, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass...
CVE-2020-17523
Apache Shiro before 1.7.1, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass...
CVE-2020-17523
CVE-2020-17523 : Apache Shiro before 1.7.1, when used with Spring, can be bypassed via a specially crafted HTTP request, leading to authentication bypass. The vulnerability stems from path handling and whitespace/tokenization behavior that may cause a request to bypass Shiro’s authentication chec...
CVE-2020-17523
Apache Shiro before 1.7.1, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass...