Security Advisory

CVE-2022-32532

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-06-28 23:20:11

Last updated 2024-08-03 07:46:43

Assigner apache

State PUBLISHED

Description

Apache Shiro before 1.9.1, A RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers. Applications using RegExPatternMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass.

← Browse all CVEs View on cve.org ↗