Lucene search
GoogleOSV:GHSA-F6JP-J6W3-W9HMHistorySep 20, 2021 - 8:18 p.m.
Apache Shiro vulnerable to a specially crafted HTTP request causing an authentication bypass
2021-09-2020:18:11
Google
osv.dev
8
0.269 Low
EPSS
Percentile
96.8%
Apache Shiro before 1.8.0, when using Apache Shiro with Spring Boot, a specially crafted HTTP request may cause an authentication bypass. Users should update to Apache Shiro 1.8.0.
References
lists.apache.org/thread.html/raae98bb934e4bde304465896ea02d9798e257e486d04a42221e2c41b@%3Cuser.shiro.apache.org%3E
lists.apache.org/thread.html/re470be1ffea44bca28ccb0e67a4cf5d744e2d2b981d00fdbbf5abc13%40%3Cannounce.shiro.apache.org%3E
nvd.nist.gov/vuln/detail/CVE-2021-41303
security.netapp.com/advisory/ntap-20220609-0001
www.oracle.com/security-alerts/cpujul2022.html
Related
nvd
nvd
CVE-2021-41303
2021-09-17 09:15:09
redhatcve
redhatcve
CVE-2021-41303
2021-09-20 19:39:08
cve
cve
CVE-2021-41303
2021-09-17 09:15:09
debiancve
debiancve
CVE-2021-41303
2021-09-17 09:15:09
osv
osv
CVE-2021-41303
2021-09-17 09:15:09
veracode
veracode
Authentication Bypass
2021-09-20 10:05:20
cvelist
cvelist
nessus
nessus
Apache Shiro < 1.8.0 Authentication Bypass
2022-06-01 00:00:00
github
github
ubuntucve
ubuntucve
CVE-2021-41303
2021-09-17 00:00:00
prion
prion
Authentication flaw
2021-09-17 09:15:00
cnvd
cnvd
APACHE SHIRO authentication bypass vulnerability
2021-09-18 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2022
2022-07-19 00:00:00