Bugs fixes in "shiro"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2023-46750 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability when "form" authentication is used in Apache Shiro. Mitigation: Update to Apache Sh | 2024-12-10 |
| CVE | CVE-2023-46749 | Apache Shiro before 1.13.0 or 2.0.0-alpha-4, may be susceptible to a path traversal attack that results in an authentication bypass when used togethe | 2024-12-10 |
| CVE | CVE-2023-34478 | Apache Shiro, before 1.12.0 or 2.0.0-alpha-3, may be susceptible to a path traversal attack that results in an authentication bypass when used togeth | 2024-12-10 |
| CVE | CVE-2023-46750 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability when "form" authentication is used in Apache Shiro. Mitigation: Update to Apache Sh | 2024-12-10 |
| CVE | CVE-2023-46749 | Apache Shiro before 1.13.0 or 2.0.0-alpha-4, may be susceptible to a path traversal attack that results in an authentication bypass when used togethe | 2024-12-10 |
| CVE | CVE-2023-34478 | Apache Shiro, before 1.12.0 or 2.0.0-alpha-3, may be susceptible to a path traversal attack that results in an authentication bypass when used togeth | 2024-12-10 |
| CVE | CVE-2020-17510 | Apache Shiro before 1.7.0, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass. | 2023-09-07 |
| CVE | CVE-2020-13933 | Apache Shiro before 1.6.0, when using Apache Shiro, a specially crafted HTTP request may cause an authentication bypass. | 2023-09-07 |
| CVE | CVE-2020-17510 | Apache Shiro before 1.7.0, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass. | 2023-09-07 |
| CVE | CVE-2020-13933 | Apache Shiro before 1.6.0, when using Apache Shiro, a specially crafted HTTP request may cause an authentication bypass. | 2023-09-07 |
| CVE | CVE-2020-11989 | Apache Shiro before 1.5.3, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass. | 2021-02-18 |
| CVE | CVE-2020-1957 | Apache Shiro before 1.5.2, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass. | 2021-02-18 |
| CVE | CVE-2020-11989 | Apache Shiro before 1.5.3, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass. | 2021-02-18 |
| CVE | CVE-2020-1957 | Apache Shiro before 1.5.2, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass. | 2021-02-18 |
| CVE | CVE-2020-11989 | Apache Shiro before 1.5.3, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass. | 2021-02-18 |
| CVE | CVE-2020-1957 | Apache Shiro before 1.5.2, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass. | 2021-02-18 |
| CVE | CVE-2020-11989 | Apache Shiro before 1.5.3, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass. | 2021-02-18 |
| CVE | CVE-2020-1957 | Apache Shiro before 1.5.2, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass. | 2021-02-18 |
About
-
Send Feedback to @ubuntu_updates
