Thank you for your response. Following is the link I am referring to for the Shiro Vulnerabilities associated with respective versions.
https://mvnrepository.com/artifact/org.apache.shiro/shiro-core For example - following are reported in version 1.9. CVE-2022-40664 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40664> CVE-2022-32532 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32532> Thank you, -Mihir. On Wed, Jul 19, 2023 at 1:59 PM <[email protected]> wrote: > Hi, Mihir, > > I am not quite sure what you are asking. Can you clarify what exact > vulnerabilities you are referring to? > Perhaps a link or two? > > Thank you > > On Jul 18, 2023, at 7:39 AM, Mihir Chhaya <[email protected]> wrote: > > Hello, > > I see the Authentication bypass vulnerability existing in almost every > release of the Apache Shiro. > > Is there any solution for this? We are evaluating the options to implement > the security and not able to decide if these vulnerabilities will ever get > resolved. > > Any suggestions? > > Thank you, > -Mihir. > > >
