Apache Shiro before 1.6.0, when using Apache Shiro, a specially crafted HTTP request may cause an authentication bypass.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Shiro | Apache | * | 1.6.0 (excluding) |
Shiro | Ubuntu | bionic | * |
Shiro | Ubuntu | devel | * |
Shiro | Ubuntu | esm-apps/bionic | * |
Shiro | Ubuntu | esm-apps/xenial | * |
Shiro | Ubuntu | focal | * |
Shiro | Ubuntu | groovy | * |
Shiro | Ubuntu | hirsute | * |
Shiro | Ubuntu | impish | * |
Shiro | Ubuntu | jammy | * |
Shiro | Ubuntu | kinetic | * |
Shiro | Ubuntu | lunar | * |
Shiro | Ubuntu | trusty | * |
Shiro | Ubuntu | xenial | * |
Red Hat Fuse 7.8.0 | RedHat | shiro-core | * |
Red Hat Fuse/AMQ 6.3.18 | RedHat | shiro-core | * |