📦 Shiro

This CVE describes an authentication bypass vulnerability in Apache Shiro that allows attackers to bypass security controls through path traversal techniques. It affects Apache Shiro versions before 1...

CVE-2021-41303 is an authentication bypass vulnerability in Apache Shiro when used with Spring Boot. A specially crafted HTTP request can allow attackers to bypass authentication mechanisms and gain u...

CVE-2020-17523 is an authentication bypass vulnerability in Apache Shiro when used with Spring. Attackers can craft HTTP requests to bypass authentication mechanisms and gain unauthorized access to pr...

CVE-2020-17510 is an authentication bypass vulnerability in Apache Shiro when used with Spring. A specially crafted HTTP request can bypass authentication mechanisms, allowing unauthorized access to p...

This CVE describes an authentication bypass vulnerability in Apache Shiro where attackers can access protected static files by changing the case of filenames in requests. It affects Apache Shiro versi...

This CVE describes an observable timing discrepancy vulnerability in Apache Shiro authentication. Attackers can use timing differences to distinguish between non-existent users and incorrect passwords...