GCVE - cpe:2.3:a:n/a:apache_shiro:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:apache_shiro:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	N/A (`22f567d3-1203-528c-8f0e-3eb9c2f6ca78`)
Product	Apache Shiro (`45036ab2-c641-5e9e-a784-ac29b2b519cc`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2020-1957`	vulnerable	2026-06-08 05:21:03.761672	Details available Apache Shiro before 1.5.2, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass. Published: 2020-03-25T15:24:27.000Z Updated: 2024-08-04T06:54:00.565Z Open on db.gcve.eu Reference links https://lists.apache.org/thread.html/r17f371fc89d34df2d0c8131473fbc68154290e1be238895648f5a1e6%40%3Cdev.shiro.apache.org%3E https://lists.apache.org/thread.html/rc64fb2336683feff3580c3c3a8b28e80525077621089641f2f386b63%40%3Ccommits.camel.apache.org%3E https://lists.apache.org/thread.html/rb3982edf8bc8fcaa7a308e25a12d294fb4aac1f1e9d4e14fda639e77%40%3Cdev.geode.apache.org%3E https://lists.debian.org/debian-lts-announce/2020/04/msg00014.html https://lists.apache.org/thread.html/rc8b39ea8b3ef71ddc1cd74ffc866546182683c8adecf19c263fe7ac0%40%3Ccommits.shiro.apache.org%3E	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-17523`	vulnerable	2026-06-08 05:20:56.688433	Details available Apache Shiro before 1.7.1, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass. Published: 2021-02-03T16:55:18.000Z Updated: 2024-08-04T14:00:48.826Z Open on db.gcve.eu Reference links https://lists.apache.org/thread.html/rce5943430a6136d37a1f2fc201d245fe094e2727a0bc27e3b2d43a39%40%3Cdev.shiro.apache.org%3E https://lists.apache.org/thread.html/r5b93ddf97e2c4cda779d22fab30539bdec454cfa5baec4ad0ffae235%40%3Cgitbox.activemq.apache.org%3E https://lists.apache.org/thread.html/rd4b613e121438b97e3eb263cac3137caddb1dbd8f648b73a4f1898a6%40%3Cissues.activemq.apache.org%3E https://lists.apache.org/thread.html/r9d93dfb5df016b1a71a808486bc8f9fbafebbdbc8533625f91253f1d%40%3Cdev.shiro.apache.org%3E https://lists.apache.org/thread.html/re25b8317b00a50272a7252c4552cf1a81a97984cc2111ef7728e48e0%40%3Cdev.shiro.apache.org%3E	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-17510`	vulnerable	2026-06-08 05:20:56.626799	Details available Apache Shiro before 1.7.0, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass. Published: 2020-11-05T20:17:36.000Z Updated: 2024-08-04T14:00:48.649Z Open on db.gcve.eu Reference links https://lists.apache.org/thread.html/rc2cff2538b683d480426393eecf1ce8dd80e052fbef49303b4f47171%40%3Cdev.shiro.apache.org%3E https://lists.apache.org/thread.html/r95bdf3703858b5f958b5e190d747421771b430d97095880db91980d6%40%3Cannounce.apache.org%3E https://lists.apache.org/thread.html/r70098e336d02047ce4d4e69293fe8d558cd68cde06f6430398959bc4%40%3Cdev.shiro.apache.org%3E https://lists.apache.org/thread.html/rb47d88af224e396ee34ffb88ee99fb6d04510de5722cf14b7137e6bc%40%3Cdev.shiro.apache.org%3E https://lists.apache.org/thread.html/r575301804bfac87a064359cf4b4ae9d514f2d10db7d44120765f4129%40%3Cdev.shiro.apache.org%3E	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-13933`	vulnerable	2026-06-08 05:18:01.394471	Details available Apache Shiro before 1.6.0, when using Apache Shiro, a specially crafted HTTP request may cause an authentication bypass. Published: 2020-08-17T20:19:53.000Z Updated: 2024-08-04T12:32:14.332Z Open on db.gcve.eu Reference links https://lists.apache.org/thread.html/r539f87706094e79c5da0826030384373f0041068936912876856835f%40%3Cdev.shiro.apache.org%3E https://lists.apache.org/thread.html/r18b45d560d76c4260813c802771cc9678aa651fb8340e09366bfa198%40%3Cdev.geode.apache.org%3E https://lists.apache.org/thread.html/r9ea6d8560d6354d41433ad006069904f0ed083527aa348b5999261a7%40%3Cdev.geode.apache.org%3E https://lists.apache.org/thread.html/r6ea0224c1971a91dc6ade1f22508119a9c3bd56cef656f0c44bbfabb%40%3Cdev.shiro.apache.org%3E https://lists.apache.org/thread.html/r4c1e1249e9e1acb868db0c80728c13f448d07333da06a0f1603c0a33%40%3Cdev.shiro.apache.org%3E	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.