Lucene search
K

GHSA-J52R-XC68-Q8F4 Insufficiently Protected Credentials in Pivotal Reactor Netty

🗓️ 23 Oct 2019 14:14:32Reported by GoogleType 
osv
 osv
🔗 osv.dev👁 18 Views

Insufficiently Protected Credentials in Pivotal Reactor Netty, versions prior to 0.8.11, passes headers through redirects, including authorization ones. A remote unauthenticated malicious user may gain access to credentials for a different server than they have access to

Related
Refs
ReporterTitlePublishedViews
Family
Circl
CVE-2019-11284
16 Jan 202412:37
circl
CVE
CVE-2019-11284
17 Oct 201917:40
cve
Cvelist
CVE-2019-11284 Reactor Netty authentication leak in redirects
17 Oct 201917:40
cvelist
EUVD
EUVD-2019-0705
7 Oct 202500:30
euvd
Github Security Blog
Insufficiently Protected Credentials in Pivotal Reactor Netty
23 Oct 201914:14
github
NVD
CVE-2019-11284
17 Oct 201918:15
nvd
OSV
CVE-2019-11284
17 Oct 201918:15
osv
Prion
Authorization
17 Oct 201918:15
prion
Spring Security Advisories
Reactor Netty authentication leak in redirects
11 Oct 201900:00
spring
Veracode
Information Disclosure
18 Oct 201903:27
veracode
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation