CVE-2022-32532

Published: 2022-06-29T00:15Z

Last Modified: 2024-11-21T07:06Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Apache Shiro before 1.9.1, A RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers. Applications using RegExPatternMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt