[jira] [Commented] (SHIRO-876) Does CVE-2010-1622 affect shiro?

boyqian (Jira) Thu, 31 Mar 2022 02:07:05 -0700


    [ 
https://issues.apache.org/jira/browse/SHIRO-876?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17515182#comment-17515182
 ]


boyqian commented on SHIRO-876:
-------------------------------

[https://thehackernews.com/2022/03/unpatched-java-spring-framework-0-day.html]

> Does CVE-2010-1622 affect shiro?
> --------------------------------
>
>                 Key: SHIRO-876
>                 URL: https://issues.apache.org/jira/browse/SHIRO-876
>             Project: Shiro
>          Issue Type: Question
>            Reporter: boyqian
>            Priority: Major
>
> I want to know if the current spring vulnerability affects Apache shiro? The 
> current version is 1.8.0.
> Will shiro upgrade the spring-beans version?
> And Other old versions is affect it? such as 1.6.0 to 1.8.0



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Commented] (SHIRO-876) Does CVE-2010-1622 affect shiro?

Reply via email to