Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.shiro/shiro-web@2.0.0-alpha-4
Typemaven
Namespaceorg.apache.shiro
Nameshiro-web
Version2.0.0-alpha-4
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-5ft1-h1b5-5ydm
vulnerability_id VCID-5ft1-h1b5-5ydm
summary 
Open redirect in Apache Shiro
URL Redirection to Untrusted Site ('Open Redirect') vulnerability when "form" authentication is used in Apache Shiro.
Mitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+.
references
0
reference_url https://github.com/apache/shiro
reference_id
reference_type
scores
url https://github.com/apache/shiro
1
reference_url https://github.com/apache/shiro/commit/3b80f5c8e5a95ba31e92e4825ecc0ba3148b555a
reference_id
reference_type
scores
url https://github.com/apache/shiro/commit/3b80f5c8e5a95ba31e92e4825ecc0ba3148b555a
2
reference_url https://github.com/apache/shiro/commit/8400d08d5eac0bc4fae99d28c5adc82dd8a86eda
reference_id
reference_type
scores
url https://github.com/apache/shiro/commit/8400d08d5eac0bc4fae99d28c5adc82dd8a86eda
3
reference_url https://lists.apache.org/thread/hoc9zdyzmmrfj1zhctsvvtx844tcq6w9
reference_id
reference_type
scores
url https://lists.apache.org/thread/hoc9zdyzmmrfj1zhctsvvtx844tcq6w9
4
reference_url https://security.netapp.com/advisory/ntap-20240808-0002
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20240808-0002
5
reference_url https://security.netapp.com/advisory/ntap-20241108-0002
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20241108-0002
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-46750
reference_id CVE-2023-46750
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-46750
7
reference_url https://github.com/advisories/GHSA-hhw5-c326-822h
reference_id GHSA-hhw5-c326-822h
reference_type
scores
url https://github.com/advisories/GHSA-hhw5-c326-822h
fixed_packages
0
url pkg:maven/org.apache.shiro/shiro-web@1.13.0
purl pkg:maven/org.apache.shiro/shiro-web@1.13.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.shiro/shiro-web@1.13.0
1
url pkg:maven/org.apache.shiro/shiro-web@2.0.0-alpha-4
purl pkg:maven/org.apache.shiro/shiro-web@2.0.0-alpha-4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.shiro/shiro-web@2.0.0-alpha-4
aliases CVE-2023-46750, GHSA-hhw5-c326-822h
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5ft1-h1b5-5ydm
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.shiro/shiro-web@2.0.0-alpha-4