{"schema_version": "1.6.1", "id": "CVE-2021-41303", "summary": "Apache Shiro before 1.8.0, when using Apache Shiro with Spring Boot, a specially crafted HTTP request may cause an authentication bypass", "details": "Apache Shiro before 1.8.0, when using Apache Shiro with Spring Boot, a specially crafted HTTP request may cause an authentication bypass.\n\nUsers should update to Apache Shiro 1.8.0.", "affected": [{"ranges": [{"type": "SEMVER", "events": [{"introduced": "Apache Shiro"}, {"fixed": "1.8.0"}]}]}], "references": [{"type": "ADVISORY", "url": "https://lists.apache.org/thread.html/re470be1ffea44bca28ccb0e67a4cf5d744e2d2b981d00fdbbf5abc13%40%3Cannounce.shiro.apache.org%3E"}]}