Lucene search
K

4 matches found

Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.21 views

PT-2026-50410

Name of the Vulnerable Software and Affected Versions Apache Shiro versions prior to 2.2.1 Apache Shiro versions prior to 3.0.0-alpha-2 Description A remote attacker can inject LDAP special characters into the Distinguished Name DN construction within the DefaultLdapRealm class. User-supplied...

9.1CVSS5.3AI score0.00494EPSS
Exploits0References9
vulnersOsv
vulnersOsv
added 2026/05/25 11:19 p.m.7 views

ca.ibodrov.concord:mcp-for-concord (>=0.0.1 <=0.0.2), ca.ibodrov.concord:testcontainers-concord-core (>=2.0.3 <=2.0.5) +296 more potentially affected by CVE-2026-43828 via org.apache.shiro:shiro-core (>=2.0.0-alpha-1 <=2.1.0)

org.apache.shiro:shiro-core MAVEN version =2.0.0-alpha-1, =0.0.1, =2.0.3, =0.0.27, =0.0.27, =0.0.27, =6.0.0, =8.0.0, =8.0.0, =2.2.0, =1.0.2, =3.4.0, =3.3.0, =3.3.0, =3.3.0, =3.8.0 and more Source cves: CVE-2026-43828 Source advisory: SNYK:JAVA-ORGAPACHESHIRO-17116503...

6.5CVSS5.7AI score0.00272EPSS
Exploits0
OSV
OSV
added 2026/02/09 10:15 a.m.6 views

UBUNTU-CVE-2026-23903

Authentication Bypass by Alternate Name vulnerability in Apache Shiro. This issue affects Apache Shiro: before 2.0.7. Users are recommended to upgrade to version 2.0.7, which fixes the issue. The issue only effects static files. If static files are served from a case-insensitive filesystem, such ...

5.3CVSS7AI score0.00363EPSS
Exploits0References5
OSV
OSV
added 2022/06/29 12:15 a.m.5 views

UBUNTU-CVE-2022-32532

Apache Shiro before 1.9.1, A RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers. Applications using RegExPatternMatcher with . in the regular expression are possibly vulnerable to an authorization bypass...

9.8CVSS7.2AI score0.25431EPSS
Exploits0References3
Rows per page
Query Builder