Lucene search
Veracode Vulnerability DatabaseVERACODE:36206HistoryJun 30, 2022 - 3:16 a.m.
Authorization Bypass
2022-06-3003:16:54
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.04 Low
EPSS
Percentile
92.1%
shiro-core is vulnerable to authorization bypass. The vulnerability exists due to the case-insensitive regex pattern matching used in the matches function of RegExPatternMatcher.java, allowing an attacker to bypass the servlet container when RegExPatternMatcher with . in the regular expression
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache shiro :: core | le | 1.9.0 | |
| apache shiro :: core | le | 1.9.0 |
Related
ubuntucve
ubuntucve
CVE-2022-32532
2022-06-29 00:00:00
debiancve
debiancve
CVE-2022-32532
2022-06-29 00:15:10
osv
osv
Improper Authorization in Apache Shiro
2022-06-30 00:00:41
CVE-2022-32532
2022-06-29 00:15:10
redhatcve
redhatcve
CVE-2022-32532
2022-07-14 12:14:20
githubexploit
githubexploit
Exploit for Incorrect Authorization in Apache Shiro
2022-06-29 01:05:33
ibm
ibm
cve
cve
CVE-2022-32532
2022-06-29 00:15:10
prion
prion
Authorization
2022-06-29 00:15:00
cvelist
cvelist
CVE-2022-32532 Authentication Bypass Vulnerability
2022-06-28 23:20:11
nvd
nvd
CVE-2022-32532
2022-06-29 00:15:10
github
github
Improper Authorization in Apache Shiro
2022-06-30 00:00:41
nessus
nessus
Oracle WebCenter Sites (Oct 2022 CPU)
2022-10-21 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00