Описание
In some specific scenarios with chained redirects, Reactor Netty HTTP client leaks credentials. In order for this to happen, the HTTP client must have been explicitly configured to follow redirects.
EPSS
Процентиль: 35%
0.00145
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 6.1
redhat
5 месяцев назад
In some specific scenarios with chained redirects, Reactor Netty HTTP client leaks credentials. In order for this to happen, the HTTP client must have been explicitly configured to follow redirects.
CVSS3: 6.1
github
5 месяцев назад
Reactor Netty HTTP is vulnerable to credential leaks during chained redirects
EPSS
Процентиль: 35%
0.00145
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-200