Maven package
io.projectreactor.netty/reactor-netty
pkg:maven/io.projectreactor.netty/reactor-netty
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-11284 | — | < 0.8.11 | 0.8.11 | Oct 17, 2019 | Pivotal Reactor Netty, versions prior to 0.8.11, passes headers through redirects, including authorization ones. A remote unauthenticated malicious user may gain access to credentials for a different server than they have access to. |
- CVE-2019-11284Oct 17, 2019affected < 0.8.11fixed 0.8.11
Pivotal Reactor Netty, versions prior to 0.8.11, passes headers through redirects, including authorization ones. A remote unauthenticated malicious user may gain access to credentials for a different server than they have access to.