Lucene search
China National Vulnerability DatabaseCNVD-2023-70281HistoryJul 30, 2023 - 12:00 a.m.
Apache Shiro Path Traversal Vulnerability
2023-07-3000:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
apache shiro
path traversal
security framework
java
vulnerability
file retrieval
Apache Shiro is the United States Apache (Apache) Foundation set of Java security framework for performing authentication, authorization, encryption and session management . A path traversal vulnerability exists in versions of Apache Shiro prior to 1.12.0, which stems from the program’s failure to properly filter special elements in the path of a resource or file. An attacker could exploit this vulnerability to retrieve arbitrary files from the underlying file system via a specially crafted web request.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache apache shiro | lt | 1.12.0 |
Related
broadcom
broadcom
ubuntucve
ubuntucve
CVE-2023-34478
2023-07-24 00:00:00
veracode
veracode
Path Traversal
2023-07-26 12:52:26
Path Traversal
2023-07-26 04:05:08
debiancve
debiancve
CVE-2023-34478
2023-07-24 19:15:10
cvelist
cvelist
nvd
nvd
CVE-2023-34478
2023-07-24 19:15:10
ibm
ibm
github
github
Path Traversal in Apache Shiro
2023-07-24 21:30:39
cve
cve
CVE-2023-34478
2023-07-24 19:15:10
osv
osv
Path Traversal in Apache Shiro
2023-07-24 21:30:39
CVE-2023-34478
2023-07-24 19:15:10
prion
prion
Path traversal
2023-07-24 19:15:00