{"url":"http://public2.vulnerablecode.io/api/packages/68196?format=json","purl":"pkg:maven/org.apache.shiro/shiro-web@2.0.0-alpha-4","type":"maven","namespace":"org.apache.shiro","name":"shiro-web","version":"2.0.0-alpha-4","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46666?format=json","vulnerability_id":"VCID-5ft1-h1b5-5ydm","summary":"Open redirect in Apache Shiro\nURL Redirection to Untrusted Site ('Open Redirect') vulnerability when \"form\" authentication is used in Apache Shiro.\nMitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+.","references":[{"reference_url":"https://github.com/apache/shiro","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/shiro"},{"reference_url":"https://github.com/apache/shiro/commit/3b80f5c8e5a95ba31e92e4825ecc0ba3148b555a","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/shiro/commit/3b80f5c8e5a95ba31e92e4825ecc0ba3148b555a"},{"reference_url":"https://github.com/apache/shiro/commit/8400d08d5eac0bc4fae99d28c5adc82dd8a86eda","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/shiro/commit/8400d08d5eac0bc4fae99d28c5adc82dd8a86eda"},{"reference_url":"https://lists.apache.org/thread/hoc9zdyzmmrfj1zhctsvvtx844tcq6w9","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread/hoc9zdyzmmrfj1zhctsvvtx844tcq6w9"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240808-0002","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20240808-0002"},{"reference_url":"https://security.netapp.com/advisory/ntap-20241108-0002","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20241108-0002"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-46750","reference_id":"CVE-2023-46750","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-46750"},{"reference_url":"https://github.com/advisories/GHSA-hhw5-c326-822h","reference_id":"GHSA-hhw5-c326-822h","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-hhw5-c326-822h"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/68195?format=json","purl":"pkg:maven/org.apache.shiro/shiro-web@1.13.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.shiro/shiro-web@1.13.0"},{"url":"http://public2.vulnerablecode.io/api/packages/68196?format=json","purl":"pkg:maven/org.apache.shiro/shiro-web@2.0.0-alpha-4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.shiro/shiro-web@2.0.0-alpha-4"}],"aliases":["CVE-2023-46750","GHSA-hhw5-c326-822h"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5ft1-h1b5-5ydm"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.shiro/shiro-web@2.0.0-alpha-4"}