Published on the
The Shiro team is pleased to announce the release of Apache Shiro version 1.5.2. This is a feature release for 1.x.
This release includes 3 issues resolved since the 1.5.1 release and isavailable for Download now.
Fixes authentication bypass issue: CVE-2020-1957
FirstSuccessfulStrategy will short circuit correctly now.
You can learn more on Jira
Release binaries (.jars) are also available through Maven Central and source bundles through Apache distribution mirrors.
For more information on Shiro, please read the documentation.
The Apache Shiro Team