4 matches found
Moderate: Red Hat Security Advisory: Red Hat support for Spring Boot 2.7.2 update
An update is now available for Red Hat OpenShift Application Runtimes. Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications monoliths and microservices for OpenShift as a containerized platform. This release of Red H...
CVE-2020-5404
The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirect...
CVE-2020-5404
CVE-2020-5404 affects Reactor Netty’s HttpClient (versions 0.9.x before 0.9.5 and 0.8.x before 0.8.16). The issue arises when the HttpClient is explicitly configured to follow redirects, which may cause a credentials leak during a redirect to a different domain. Impact is credential leakage; expl...
CVE-2020-5404 Authentication Leak On Redirect With Reactor Netty HttpClient
The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirect...