You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@shiro.apache.org by "boyqian (Jira)" <ji...@apache.org> on 2022/04/01 01:26:00 UTC

[jira] [Commented] (SHIRO-876) Does CVE-2010-1622 affect shiro?

    [ https://issues.apache.org/jira/browse/SHIRO-876?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17515654#comment-17515654 ] 

boyqian commented on SHIRO-876:
-------------------------------

OK , Thanks, the Shiro project will update to newer versions, Maybe affect it. And I will update spring version as direct dependencies aplly on shiro project to solve this question. thanks

> Does CVE-2010-1622 affect shiro?
> --------------------------------
>
>                 Key: SHIRO-876
>                 URL: https://issues.apache.org/jira/browse/SHIRO-876
>             Project: Shiro
>          Issue Type: Question
>            Reporter: boyqian
>            Priority: Major
>
> I want to know if the current spring vulnerability affects Apache shiro? The current version is 1.8.0.
> Will shiro upgrade the spring-beans version?
> And Other old versions is affect it? such as 1.6.0 to 1.8.0



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@shiro.apache.org
For additional commands, e-mail: issues-help@shiro.apache.org