Uploaded image for project: 'Shiro'
  1. Shiro
  2. SHIRO-723

Provide Minor Shiro Release that includes CVE-2019-10086 Fix

    XMLWordPrintableJSON

Details

    • Request
    • Status: Resolved
    • Major
    • Resolution: Resolved
    • 1.4.1
    • 1.5.0
    • None
    • None

    Description

      As a User of Shiro
      I want Shiro to pass security scans
      So that it doesn't break my pipeline

      The latest version of Shrio includes the risk from CVE-2019-10086. This has been fixed in SHIRO-720 and is in master. However there is no release available that includes the August Merge Request.

      ref:
      https://github.com/apache/shiro/pull/167
      https://issues.apache.org/jira/browse/SHIRO-720
      https://nvd.nist.gov/vuln/detail/CVE-2019-10086

      Attachments

        Activity

          People

            fpapon Francois Papon
            mdenihan Mark Denihan
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: